By CIOinsight

Web Extra: DRM: Turning Pirates into Distributors

Digital content control technologies used to be the sole domain of entertainment firms seeking to put digital locks on music, films and books, to protect them from being distributed illegally online. Now, though, companies across industries are looking at the technology—not so much to prevent stealing but to promote themselves to potential customers. CIO Insight Copy Chief Debra D'Agostino chatted recently with Ranjit Singh, an early pioneer of DRM technology, to talk about the new trend. What follows are excerpts of that interview.

Where is DRM in terms of acceptance?

There needs to be a standard for interoperability of rights management systems. And there also have been political and technological barriers. Take the political barriers. Many people don't want their content to go out on the Internet.

The media companies have expectations that these technologies can protect their content forever. But there is no such thing as security forever, because there are just too many smart people and there is too much computing power available in the world to make those kinds of promises. Anyone who tells you that their digital content controls can protect content forever is probably not telling you the truth.

What these controls can do, however, is help you to choose the appropriate locks you need to put on the content you're seeking to protect. This determination involves making decisions about the value of content to the corporation. It's got to do with strategy as much as being clear with people what you can deliver.

From a technology vantage point, this whole issue of interoperability is key and, once again, there's been a lot of effort to standardize content control processes, but people don't want to have a disadvantage if another standard is adopted.

People are now looking to get value for their technology through IP, licensing or, say, charging someone a tenth of a penny each time they make an electronic print—what is called content metering. There's also the idea that because you're using my technology, you must give me a percentage of the value of the content that my technology is being used to protect.

DRM beyond Entertainment

DRM beyond Entertainment

Is that a direction that DRM may take in the future?

It will get into price per transaction, just like you have in the credit-card business, and maybe there's a minimum charge per transaction. I don't think DRM will be able to ask for what the credit card companies ask for—something like two and a half percent of the value of the goods that you purchased.

When you're dealing with electronic, I don't think people will be willing to pay that much of a percentage. But they may be willing to pay a small transaction fee independent of the volume. If I'm buying an electronic good worth $20,000, for example, I don't want to be paying one percent of that. So I think this whole issue of metering and fair and equitable payment schemes is something that will have to be worked out in the future.

Further, there have been a lot of people trying to do end-to-end systems and, quite frankly, they've not been able to link up all the systems from billing to the selling of content. And that has been a factor that has delayed the deployment of DRM. But it still carries a hell of a lot of promise.

Originally, DRM was seen as something that only entertainment companies were using; now it's being more widely adopted across industries, by financial firms and also by healthcare firms. How can non-entertainment companies use DRM?

What DRM allows you to do is specify that content can only be used for specific reasons. Turn that around to a financial institution, for example, so that instead of selling its research material, it is actually in the business of acquiring customers. And if you take a financial institution, they will spend anywhere from $500 to $2,000 to acquire a financial customer. Now, imagine what you can do if you can now send these reports to people and actually encourage distribution, whet their appetites for it. It's a new marketing play.

You can say to someone, "If you want to open this, just give me your name and telephone number, and you can view it for free." So it becomes a marketing tool where you can now reach markets of many targeted at once. That's the beauty of this technology. Combined with the Internet, you can really reach and advertise to individuals with markets of millions.

And it's true in medical records, with such things as compliance with new federal data privacy regulations that govern personal medical records. As they're kept electronically, there is a need for controlling access.

Say I'm sending my doctor an electronic copy of my medical records—but using digital content controls, I can tell the doctor that he or she can only view them on a particular Tuesday afternoon between 4:30 p.m. and 5 p.m., the time I'm going to be visiting that doctor. This way, I'm not giving my doctor the ability to look at my records at any time and send them all over the place. I can get very specific about usage rights.

Usually, you don't want your records put on the Net or distributed to your new insurance company, say. DRM is all about protecting somebody's rights to the information.

You know, people really confuse the issue when they talk about who has the rights to content. The way I define digital rights management is that it's the ability of the owner of the content to distribute content electronically and with the knowledge that it will be used according to his or her wishes.

What can those wishes be? Getting notification when someone reads, say, a magazine article online. Or you could say you can read this electronically, but I don't want you making a printed copy. In either event, you are defining how content that belongs to you or your company gets used.

It's all about the distribution of content, electronically over the Internet, and having the ability to define how people use it, for what purpose and for how long—and under what conditions.


. Asset Management">

DRM Vs. Asset Management

What's the difference between digital rights management and asset management?

Asset management is really part of the value chain for digital content. Before you start to distribute content over the Net and make money from it—or simply distribute it according to your wishes and your policies—you want to be able to manage it. This is a necessary part of the content value chain.

Some have said that DRM can also help firms expand their use of online collaboration in-house, to make digital products and to protect intellectual property from leaking out the door via the Web.

Companies right now say they want to encourage collaboration and yet they also want security. We're faced with these principles every day. You go into meetings and say, "This material is confidential and it will remain in the room." Now you don't want to take it out of the room because you've agreed to abide by the policies of the meeting holder.

The big-picture things with regard to collaboration really have to do with looking at applications of where it can be used inside the organization—places where people need to be able to control the use of content.

That could be limiting pieces of content to certain areas, it could be allowing connections to the consumer of the content and, like a financial institution or any enterprise, the CIO or the CFO may send a very detailed financial report. He or she can then start to specify that all of his or her peers can use all of it and can cut and paste it, and so forth. He or she can also stipulate that, say, the level below the peer group can only view it and can make a printed copy of it. DRM can also let someone say there are only a few individuals who can see it, or part of it, at all. DRM gives you that kind of flexibility.

This kind of control can cut across many organizations inside the company. You also could start to determine the rules by which certain documents can travel between corporations, and ensure that the rules that both sides have agreed to will be applied.

DRM and Profits

DRM and Profits

Are companies using DRM just to stop leaks and to ensure security of their documents, or are they trying to use it to plump up profits as well?

There are applications in streaming media, for example, where people are using DRM to go to the same Web site and are being able to have a very customized view of what they can and cannot see. Applications governing usage can save an organization from having to make multiple copies or multiple slices of the same content, and so you can store it once and publish it in many ways, many customized ways. So there are also cost-saving implications there as well.

There are other applications that, say, would let a company touch the user, allow training in certain courses, know when somebody's logged on, and how long they're looked at materials, and so forth.

Is DRM something that you think all companies, eventually, will be doing?

I think it certainly is, but it's going to take a while—like most new technologies. I think there are applications that will take off much sooner than others, you know, working in healthcare, financial services. And I think once the media companies know what their business models are going to be for their content and how they are going to distribute that content electronically, you will see a great upsurge. But I think that like most technology, you go after certain verticals first—where there are pains that this technology can solve. Then we will see a much wider acceptance of this across industries.

What's the CIO's role here?

The CIO really has to partner with the business manager when he or she is talking about this technology and the benefits that this technology brings to the business manager. I talk to financial institutions and I was telling people at one of them that they can resell their research online and control it from being reprinted, using DRM.

Suddenly, one marketing guy said, "You mean to tell me that you can determine how many times something has been forwarded?" I said yes. Let's say I'm a subscriber to some research, and I send it to 20 of my friends.

Now when my friends open up the document, it will say, "Okay, this document was received from Ranjit Singh and by the way, would you mind answering a couple of questions first, before you read on?" You can have it for free, you can read it. Now if those people become customers at some point, you can actually give me a reward by giving me two stock transactions for free.

For too long we've been in this mode of saying I don't want pirates to take my content away for free. But I believe we should turn those pirates into customers, or at least those who can help us distribute the content. Rather than let them steal it, pay them a commission to simply pass it on. Turn the pirates into customers or into your suppliers and distributors.

That's your new business model right there.

Exactly. That's what I was saying to the media companies about Napster. If you can now track who has material, then you can deputize them, and pay them a commission for distributing stuff for you.

It's essentially turning the people who are taking your content into sellers of your content.

Exactly. Turn the pirates into your distributors. With DRM, you know exactly where your content is and where it's being used and how it got there. You also have to pick and chose where you are getting return on investment, limit your first sets of deployment, make it manageable, and don't make it intrusive for the user.

Because as soon as you start to put limitations on the user, they will start to dislike the use of these type of systems more and more.

This article was originally published on 10-11-2002