December issue of the Open Source Business Resource

The December issue of the Open Source Business Resource is now out (PDF)

This issue includes (pp 29-33 in the PDF) my article titled "Protecting Information Technology Property rights". This article, and a letter to the editor, also promote The Canadian Software Innovation Alliance, which has launched a new website.

Here is an excerpt of my article:

The Two Locks of DRM

When I am explaining DRM to politicians, I feel like I am Ralph Nader back in 1965. He explained that with an automobile accident there are two collisions: the car hits something, and the passenger hits the car. While automobile safety up to that point concentrated only on the first collision, it was quickly understood that safety features should concentrate on the second collision. This gave us dashboards that weren't made out of metal, seatbelts, air bags, and other such second-collision safety features. We have the same problem with DRM where policy makers think there is only one "digital lock" being discussed, when in fact there are two and it is the lock they are less aware of that is the source of most of the controversy.

While the phrase Digital Rights Management (DRM) is used to refer to many unrelated things (See article on "Open Digital Rights Language" in this issue, a non-controversial technology), the controversial form involves the use of a technical measure (most often cryptography) applied to two things: a digital lock on content, such as music, where that content can only be accessed with authorized tools containing the right decryption keys, and digital locks applied to access tools to disallow their owners/operators from controlling the tool. A tool can be software or a hardware/software bundle.

Both of these locks are harmful to software developers. The first lock is anti-competitive in that it forces people who wish to access encoded digital content to use specific brands of technology. If someone wants to access music downloaded from Apple's iTunes music store, they will be running Apple software. If someone wants to access encoded music downloaded from the new Industry-run Napster, they will need to be running Microsoft software.


The second lock is far more controversial. The intention is to lock down the operations of the device such that the owner can not control it. The most obvious feature of such a system will involve disallowing the owner from making their own software choices, thus disallowing them from choosing software with features more favourable to the user. In fact, software that allows people to modify the software in any way, one of the requirements for being open source, will never be allowed.

The more effective this technical measure, the less software choices hardware owners will be able to make, with the most effective technical measure disallowing the owner of the hardware from making any software choices. We see this already today with hardware such as the TiVo where the BIOS is configured to only allow binaries which have been digitally signed by the manufacturer to run, meaning that the manufacturer makes all the software choices.