Chapter 1: Introduction

Definition of DRM

What exactly is digital rights management (DRM)? Put simply, it is a way to protect digital books (and digital content in general) made available for consumption online to people who wish to buy e-versions of books (or other content) on various sites or access them through library platforms. The most basic definition of DRM is that it is a code—or a set of codes—used to control access to digital content and the ways in which those who access it may use the content. The aim is to encourage users to use e-book files lawfully, moving them away from illegal activities, such as online piracy. The term first appeared in the 1990s, when it was used to represent new technologies that were utilized to enforce the rights of content owners. And these technologies were encouraged by the companies in the business of selling intellectual property. First DRM was applied to the performing arts—film, TV, and music (since they were the first to face problems with illegal downloading activities online)—then audio CDs, then internet music, then computer games, then academic journals, and, finally, e-books.1

In the world of digital publishing and e-books, it helps to think of DRM in terms of the core difference between what it means to buy a physical copy of a book and what it means to buy (or access) an e-book. When consumers buy a print book, they are buying the actual physical object, which belongs to them in perpetuity. When consumers buy an e-book, however, they are purchasing a license granting certain rights of access. The purchaser of an e-book does not buy it to own it in perpetuity and cannot do with it what they want. For example, the purchaser cannot lend it to a friend by sending it to the friend’s device or move it from one device to another. Often, the purchaser cannot even use functions such as Print or Copy. These restrictions are put in place by DRM technologies. DRM can, therefore, also be described as encryption applied to an e-book in order to control what users do with it, all in an effort to give authors, publishers, and copyright holders peace of mind that their intellectual property will not be infringed online.

Key goals of DRM are to ensure continued revenue streams for publishers and authors, to protect books from piracy (which many have feared would dent print sales), to enable tracking of those engaging in illegal copying or downloading, and to limit what users can do with content beyond merely reading it. Almost anyone in the business of producing, packaging, distributing, or selling e-books is affected by the presence (or absence) of DRM, in either positive or negative ways, including, among others, the following:2

• content creators (Authors want to protect their intellectual property and limit damage that may be associated with piracy.)
• the content industry (Publishers want to protect intellectual property. They prefer and encourage government regulation and do not support laws associated with fair use. Their incentive is not to lose sales due to piracy.)
• consumers (Those who read e-books do not want to be restricted in how they use them; readers advocate fair use and do not want to be treated as potential criminals.)
• the hardware industry (Companies that produce devices for use of digital content—such as tablets, laptops, and mobile phones—want to balance privacy, fair use, and copyright protection and prefer market-driven rather than government-driven solutions.)
• the software industry (Companies whose products are used for the production and distribution of digital content want to balance copyright protection, privacy, and fair use; their perspectives are similar to those of authors and publishers.)
• retailers (Online stores that sell digital content must balance interests of content providers on the one side and their customers on the other.)
• public interest groups (Groups such as Electronic Frontier Foundation and Electronic Privacy Information Center are against government regulations and combat technology solutions restricting users and threatening user rights.)
• libraries (Libraries’ main mission is to provide free access to information and encourage reading and literacy. Libraries are concerned with protecting the privacy of patrons and tend to be against excessive technological and legal control while also wanting to respect the rights of content creators. Further, libraries want to consider the concerns of both their patrons and content owners).

How DRM Works

There are many options available to authors, publishers, and retailers looking to protect e-books and other content before selling them in digital format. DRM controls how uploading and downloading of books happens online, how they are accessed and purchased, and how they may be lent through libraries. In whatever shape or form e-books are found and consumed—whether bought through online retailers, accessed through various subscription services, or read via local libraries—DRM can always be used to protect the content inside the files from leaking out and being vulnerable to illegal sharing and reselling.

Technically speaking, DRM is implemented to control three things related to e-books: (1) access, (2) use, and (3) distribution. “Access” refers to how users or readers obtain the content inside an e-book file (e.g., PDF, ePub file); “use” refers to what users can do with content once they have accessed it; “distribution” refers to how that content may be shared or passed on to others. Restriction of access is usually the first step. Even if a user can access a file without much hassle by either downloading or simply opening it, there is usually a second layer of protection, which is where the control of use comes into play. One can access a digital file but may not be able to do a lot with it other than to read it. (This is usually the case with e-books found in subscription platforms like Scribd or accessed through library platforms like OverDrive.)

It is precisely the use and distribution parts of DRM that have been the central point of discussions, confusion, frustration, and even new legislation in recent years. This is mostly because DRM can accomplish far more than users realize—all in an ongoing effort by publishers and content providers to keep people interested in buying e-books and to discourage them from sharing files, which modern-day technologies make remarkably easy to do. For these reasons, DRM does not just control what users can do while using content, it can also retroactively restrict privileges after purchase. This fact points to what is perhaps the key difference between print books and digital books in the context of ownership: once purchased, print books belong to the owner forever. E-books, on the other hand, do not. DRM ensures that digital content is only licensed to the user, so there is no such thing as an outright purchase of an e-book. This is why e-books can also expire. (This is usually the case with e-book lending services in public libraries.) They can also suddenly disappear from a device even after being purchased, as in the now-infamous 2009 case of Amazon remotely deleting purchased copies of George Orwell’s 1984 and Animal Farm for thousands of Kindle customers because, as reported by the New York Times, those books were added to the Kindle store by a company that did not have rights to them, using a self-service function, so Amazon was forced to remove them to avoid potential legal problems.3

Books with DRM often cannot be printed or copied in any way, or, in some cases, a user may copy a text a limited number of times. (A good example is the use of academic titles in libraries, where publishers allow more flexibility for students and researchers for educational purposes.) E-books also cannot be formatted or reformatted (i.e., converted to different files) or altered. Specific features can sometimes be removed, too, without readers being notified in advance. A good example was Amazon’s 2009 removal (or blocking) of text-to-speech (TTS) privileges for certain e-books purchased on the Kindle 2 owing to the pressure of the Authors Guild.4 At the time, the Authors Guild argued that Amazon could not sell an e-book as “an ebook and an audio book rolled into one,” which is what the TTS features enabled Amazon to do without paying extra for audio rights. The Authors Guild insisted that audio rights for a book were different from reading rights, “even if the audio is provided by a software robot.”5 Amazon eventually caved to the pressure and criticism by the book industry and removed the feature for the titles for any publisher that opposed to it, again leaving readers who purchased those titles the last to know and with no say in the matter.

DRM can also track user activities, including viewing, browsing, reading, and listening. Thanks to DRM encryption, companies that distribute e-books or make them available for consumption know with great precision how users consume them, which can help the companies gain valuable insights into user behavior in various markets. This, of course, immediately raises concerns related to reader privacy and the Big Brother traits of DRM. The argument for tracking here is that such information can be collected in aggregate so that it is beneficial to publishers and content providers without the identity of users being revealed. Recent legislation, particularly the passing of the GDPR law in the European Union, have made it more difficult for companies to use user information irresponsibly and without users’ consent.

DRM systems can therefore secure e-books in two ways: the first is containment (discussed thus far), and the second is marking—the practice of placing a watermark, flag, or XrML (eXtensible rights Markup Language) tag on content as a signal to a device that the content is protected. Some systems combine the two approaches.6

DRM systems can also be perceived as ranging from active to passive. “Active” DRM refers to, for example, tying e-books to specific e-readers, such as Amazon tying its e-books to Kindle, thus forcing readers to buy e-books from the same company that sells them the reading device. “Passive” DRM includes, for example, “watermarking” a digital file with the purchaser’s name and address so that if content owners come across pirated versions of e-books online, they are able to track them back to the original purchasers. When a watermark is detected, companies that specialize in tracking it (e.g., Digimarc, Booxtream) provide the unique identifier to the publisher (which works with such companies to protect e-books) to match it against transaction records. In other words, the watermark can be tracked back to the exact copy that was used to create the illegal copy. This type of passive DRM is called “social DRM,” and the most famous example of its use is the digital versions of J. K. Rowling’s Harry Potter books (published by Pottermore).

Watermarking can be used not only to prove legitimate ownership, but also to ensure that the integrity of the original work is preserved so that proper attribution is given where it is due. In other words, watermarking is also used to attach the right author to the right work permanently. Owing to DRM encryption, any e-book can be recognized or persistently identified, even if ownership changes. One way to accomplish this is by embedding numbering schemes, such as ISBNs (for books) and ISSNs (for journals), into files. It is common to see watermarks on PDF files downloaded from licensed databases, for example, or rights information may be embedded in the file’s metadata.

* * *

There are three key players in the market of selling and distributing e-books: Amazon, Apple, and Adobe. Amazon and Apple have very brand-centric approaches to DRM. Amazon for Kindle locks all e-books sold on its website to Kindle devices or apps using Amazon’s own DRM. When buying an e-book from Amazon, users are buying the license to read a digital version of the title on Amazon’s Kindle. To ensure the e-book is read by only one reader, Amazon’s DRM code matches the user’s Kindle device (or the Kindle app). Apple’s DRM system is called FairPlay, and it applies only to e-books sold in Apple Books (formerly iBooks). Adobe’s DRM scheme, called Adobe Digital Experience Protection Technology (ADEPT), is used on many third-party readers, such as various Android devices, but not Kindles. E-books with ADEPT can also be accessed through Adobe’s own Adobe Digital Editions (ADE). ADEPT requires a person to install ADE on different devices. The user can then read an e-book on all of these devices if they log in with the ID connected to the book.

Benefits and Drawbacks

As with any technology, there are noteworthy benefits as well as unfortunate drawbacks to implementing DRM in digital books and other content. As a result, DRM has been under constant scrutiny by academics and industry insiders for years, increasingly pointing to its ineffectiveness. Many have suggested that the various restrictions imposed by DRM on use have led to the stagnation of the popularity of e-books in the consumer market. Apart from the fact that users still prefer print books over e-books when reading for pleasure (versus when conducting research), various DRM-related limits placed on e-books have contributed further to the overall decline in e-book sales in recent years and a disappointing user experience all around. According to a survey conducted by the Pew Research Center in January 2018, only 7 percent of Americans read digital books exclusively, while 39 percent read print books, and 29 percent read both print and digital.7

Despite declining e-book sales in the consumer market and frustrations of users, most publishers still maintain that DRM is vital to protect the rights granted to them by law to control how content is sold, copied, repurposed, modified, and publicly performed.8 Therefore, they continue to support it and implement it. Generally speaking, the main benefits of DRM are as follows:

• It fights (or is supposed to fight) copyright infringement (or piracy).
• It enables content owners to track each pirated file to the original source that was used for illegal copying.
• It helps the copyright holder maintain the integrity of the original work. (DRM’d works cannot be edited or altered.)
• It ensures that proper attribution is assigned to each work (so that regardless of who owns the file, it is encrypted with correct information about the work’s author).
• It can accurately track reading activities (without invading reader privacy), thus giving valuable insight into how books are consumed. (Selling print copies has never given publishers insight into how much the books they publish are read, where, and what parts exactly.)
• It can help geo-locate content (so that, for example, if a book is open for free reading only in certain territories, DRM can restrict availability of the book in other territories by relying on the precision of GPS coordinates or IP addresses).

Despite these advantages, the adverse effects of DRM have been the topic of countless studies in the past decade, many of which have stated that DRM has failed not only the publishing industry, but also all others in the book ecosystem, including authors, scholars, educators, and, most of all, readers, and why so many have advocated against it. Some of those drawbacks include the following:

• the unfair treatment of legitimate readers (those who purchase e-books through online retailers or access e-books through libraries)
• draconian measures that forbid users from doing anything other than read the files, which they don’t own to begin with
• the Big Brother effect of DRM, which allows various companies to know exactly who reads what, where, and how and to manipulate what can be done with files without a user’s consent (e.g., deletion of files, removal of certain features, watermarking files with purchaser’s names, etc.)
• perhaps most relevant, the growing evidence that DRM has not been able to combat piracy to any significant extent (Combatting piracy, ironically, was the main reason for DRM’s existence. DRM may have, in fact, led to its upsurge.)

To better understand why DRM has not lived up to early expectations—to prevent piracy so that the publishing industry would not go through the same problems faced by the music industry with illegal file sharing services like Napster in the 1990s—it helps to take a closer look at the DRM narrative from various angles, not only from the angle of concerned authors and publishers. These include the viewpoints of the following:

• legitimate consumers (how DRM restrictions have affected their overall experience of reading files digitally) and consumers who continue to pirate e-books (how and why they continue to do it in staggering numbers)
• publishers and authors who do not support the use of DRM (and why they offer their books to the public with no DRM protection)
• libraries (whose main mission is to promote reading and literacy, which are concerned with protecting privacy of patrons, which tend to be against excessive technological and legal control while also wanting to respect the rights of content creators, and which, usually being stuck in the middle, want to consider the concerns of both content owners and patrons)
• industry leaders and organizations that advocate DRM-free content and have encouraged the book industry to move beyond DRM by suggesting initiatives, products, and new ways of thinking about e-books

Only when we can better understand DRM from various perspectives and gather enough evidence that points to its ineffectiveness in combating piracy can we propose new ways of ensuring that books can still be published in a way that does not harm those who produce them (authors and publishers), while at the same time not sabotaging the experience of those who consume them (readers and researchers).

Book publishers continue to implement DRM in their e-books and other digital files primarily because they do not want to go through the well-documented struggles of the music industry, which, back in the 1990s, produced CDs without coating them with DRM and allowed people to burn their own CDs (make copies), resulting in serious loss of sales revenue, which has taken a lot of time, effort, and creativity to recoup. According to Priti Trivedi, three major lessons have been learned from the music industry’s DRM struggles: the importance of content providers (1) communicating with consumers to manage their expectations, (2) providing content that can be used on various devices; and (3) being willing to adapt to new models of dissemination and content control.9 Although book publishers remain cautious about new models and new ways of thinking, and many remain uncooperative when it comes to loosening DRM restriction looking back to the beginnings of e-books two decades ago, book publishers have made great strides in regard to all three of these lessons, and despite the bumpy ride and the fact that much work remains to be done, progress has been made.

Notes

1. Mir Mohammad Azad, Abu Hasnat Shohel Ahmed, and Asadul Alam, “Digital Rights Management,” IJCSNS International Journal of Computer Science and Network Society 10, no. 11 (2010): 24–33.
2. Truls Fretland, Lothar Fritsch, and Arne-Kristian Groven, State of the Art in Digital Rights Management, MARIAGE Project Report 1018 (Oslo: Norsk Regnesentral [Norwegian Computing Center], 2008).
3. Brad Stone, “Amazon Erases Orwell Books from Kindle,” New York Times, July 17, 2009, https://www.nytimes.com/2009/07/18/technology/companies/18amazon.html.
4. Amber Sami Kubesch and Stephen Wicker, “Digital Rights Management: The Cost to Consumers,” Proceedings of the IEEE 103, no. 5 (May 2015): 726–33, https://doi.org/10.1109/JPROC.2015.2418457.
5. Jack Schofield, “Amazon Caves to Authors Guild over Kindle’s Text-to-Speech Reading,” Technology Blog, Guardian, March 1, 2009, https://www.theguardian.com/technology/blog/2009/mar/01/authors-guild-blocks-kindle-voice.
6. Chris Jay Hoofnagle, “Digital Rights Management: Many Technical Controls on Digital Content Distribution Can Create a Surveillance Society,” Columbia Science and Technology Law Review 5 (2004): 1–8, http://www.stlr.org/cite.cgi?volume=5&article=6.
7. Andrew Perrin, “Nearly One-in-Five Americans Now Listen to Audiobooks,” Fact Tank, Pew Research Center, March 8, 2018, updated September 25, 2019, www.pewresearch.org/fact-tank/2018/03/08/nearly-one-in-five-americans-now-listen-to-audiobooks.
8. Frederick W. Dingledy and Alex Berrio Matamoros, “What Is Digital Rights Management?” in Digital Rights Management: The Librarian’s Guide, ed. Catherine A. Lemmer and Carla P. Wale (Lanham, MD: Rowman & Littlefield, 2016), 1–25.
9. Priti Trivedi, “Writing the Wrong: What the E-book Industry Can Learn from Digital Music’s Mistakes with DRM,” Journal of Law and Policy 18, no. 2 (2010), article 10, https://brooklynworks.brooklaw.edu/jlp/vol18/iss2/10.