PrivDRM : a privacy-preserving secure Digital Right Management system

Digital Right Management (DRM) is a technology developed to prevent illegal reproduction and distribution of digital contents. It protects the rights of content owners by allowing only authorised consumers to legitimately access associated digital content. DRM systems typically use a consumer's identity for authentication. In addition, some DRM systems collect consumer's preferences to obtain a content license. Thus, the behaviour of DRM systems disadvantages the digital content consumers (i.e. neglecting consumers' privacy) focusing more on securing the digital content (i.e. biased towards content owners). This paper proposes the Privacy-Preserving Digital Rights Management System (PrivDRM) that allows a consumer to acquire digital content with its license without disclosing complete personal information and without using any third parties. To evaluate the performance of the proposed solution, a prototype of the PrivDRM system has been developed and investigated. The security analysis (attacks and threats) are analysed and showed that PrivDRM supports countermeasures for well-known attacks and achieving the privacy requirements. In addition, a comparison with some well-known proposals shows that PrivDRM outperforms those proposals in terms of processing overhead

Digital Rights Management, Fair Use, and Privacy: Problems for Copyright Enforcement through Technology

This article discusses the nature of Digital Rights Management (DRM) systems with regard to the problems they pose to traditional exceptions to copyright restrictions. Problems of fair use and the copying of material for preservation are examined in the context of the architecture of digital rights management systems, and the limitations of current DRM systems in accommodating these policies are examined. The monitoring of usage by the licensing modules of these systems is also criticized for its lack of protection of user privacy and the potential chilling of intellectual freedom. Various potential solutions to these are briefly surveyed with a view of improving DRM and preserving traditional library values

DRM and Privacy

Interrogating the relationship between copyright enforcement and privacy raises deeper questions about the nature of privacy and what counts, or ought to count, as privacy invasion in the age of networked digital technologies. This Article begins, in Part II, by identifying the privacy interests that individuals enjoy in their intellectual activities and exploring the different ways in which certain implementations of DRM technologies may threaten those interests. Part III considers the appropriate scope of legal protection for privacy in the context of DRM, and argues that both the common law of privacy and an expanded conception of consumer protection law have roles to play in protecting the privacy of information users. As Parts II and III demonstrate, consideration of how the theory and law of privacy should respond to the development and implementation of DRM technologies also raises the reverse question: How should the development and implementation of DRM technologies respond to privacy theory and law? As artifacts designed to regulate user behavior, DRM technologies already embody value choices. Might privacy itself become one of the values embodied in DRM design? Part IV argues that with some conceptual and procedural adjustments, DRM technologies and related standard-setting processes could be harnessed to preserve and protect privacy

Unlinkable content playbacks in a multiparty DRM system

We present a solution to the problem of privacy invasion in a multiparty digital rights management scheme. (Roaming) users buy content licenses from a content provider and execute it at any nearby content distributor. Our approach, which does not need any trusted third party--in contrast to most related work on privacy-preserving DRM--is based on a re-encryption scheme that runs on any mobile Android device. Only a minor security-critical part needs to be performed on the device's smartcard which could, for instance, be a SIM card

Filtering, Piracy Surveillance and Disobedience

There has always been a cyclical relationship between the prevention of piracy and the protection of civil liberties. While civil liberties advocates previously warned about the aggressive nature of copyright protection initiatives, more recently, a number of major players in the music industry have eventually ceded to less direct forms of control over consumer behavior. As more aggressive forms of consumer control, like litigation, have receded, we have also seen a rise in more passive forms of consumer surveillance. Moreover, even as technology has developed more perfect means for filtering and surveillance over online piracy, a number of major players have opted in favor of “tolerated use,” a term coined by Professor Tim Wu to denote the allowance of uses that may be otherwise infringing, but that are allowed to exist for public use and enjoyment. Thus, while the eventual specter of copyright enforcement and monitoring remains a pervasive digital reality, the market may fuel a broad degree of consumer freedom through the toleration or taxation of certain kinds of activities. This Article is meant largely to address and to evaluate these shifts by drawing attention to the unique confluence of these two important moments: the growth of tolerated uses, coupled with an increasing trend towards more passive forms of piracy surveillance in light of the balance between copyright enforcement and civil liberties. The content industries may draw upon a broad definition of disobedience in their campaigns to educate the public about copyright law, but the market’s allowance of DRM-free content suggests an altogether different definition. The divide in turn between copyright enforcement and civil liberties results in a perfect storm of uncertainty, suggesting the development of an even further division between the role of the law and the role of the marketplace in copyright enforcement and innovation, respectively

BlogForever D3.3: Development of the Digital Rights Management Policy

This report presents a set of recommended practices and approaches that a future BlogForever repository can use to develop a digital rights management policy. The report outlines core legal aspects of digital rights that might need consideration in developing policies, and what the challenges are, in particular, in relation to web archives and blog archives. These issues are discussed in the context of the digital information life cycle and steps that might be taken within the workflow of the BlogForever platform to facilitate the gathering and management of digital rights information. Further, the reports on interviews with experts in the field highlight current perspectives on rights management and provide empirical support for the recommendations that have been put forward