[Paper Overview] [DRM-Workshop Homepage]

Reuters - Position Paper for Workshop on Digital Rights Management

David Parrott
David.Parrott@reuters.com

Copyright Reuters 2000. All rights reserved.
Note: The W3C-Document-License was granted

Perspective

Reuters is in the business of information; it is, amongst other things, a producer of high-value content. The products and services that Reuters supplies are based on information in the form of multimedia news (including text, still pictures, and audio/video), financial data, transactional data, and editorial content in numerous forms. The information delivered includes both discrete content files and continuous streams of discrete updates. Both historical and real-time information is available, and transaction processing is a key part of the business.

The bulk of Reuters products is delivered electronically. Historically, this has been over proprietary networks onto the screens and servers of closed user communities. While Reuters continues to pursue that mode of delivery, in more recent times Reuters vision has been defined as "making financial markets really work on the Internet".

Open networks, such as the public Internet, offer significant benefits but are also fraught with difficulties. On its closed networks, Reuters has honed its expertise in the field of permissioning and access control via the provision of bespoke entitlements systems. In the Internet world, by contrast, the degree of access control requires a more comprehensive and off-the-shelf solution such as that offered by Digital Rights Management (DRM).

What Reuters Needs from DRM

To date, much of the proprietary effort in building DRM solutions has been directed towards the delivery of simple, finite bounded content such as video, eBooks, music, and on-screen graphics directly to human "eyes and ears". Reuters needs DRM to work in an open, not proprietary, manner and to be able to cope with complex data types, delivered to machines (in addition to human beings) for customer-defined processing. Moreover, there must exist safeguards to ensure that all is not lost when the security of DRM systems is compromised.

In summary, three of the most significant issues facing users of DRM technology are:

  1. The proprietary nature of systems (i.e., the lack of deployed standards and interoperability, both in terms of rights markup and in an operational sense).
  2. Limitations in the way that trust is implemented, with a heavy bias towards trusted applications which focus on data types delivered directly to human "eyes and ears". Where Reuters customers define their own machine-processing requirements for Reuters data, the traditional DRM approach of pre-defined browser plug-ins no longer applies. A mechanism for customers to build trusted applications is highly desirable.
  3. The failure of DRM solutions to address aspects of security such as "detection" and "action" following a security breach. Current DRM systems concentrate solely on "preventative" security, which is criticised because no system is fool-proof.

The key to much of the above is to build open, interoperable DRM systems. This is a vast space and encompasses the following:

Interestingly, a secure open-systems approach obviates the perceived need for DRM technology to be pushed down into operating systems. This mirrors the way that interoperable Public Key Infrastructure systems do not particularly require operating system support. Indeed, as with PKI systems today it is possible that operating systems could in the future provide some of the trusted component functions, more as a convenience than as a necessity. PKI also provides a good example for why DRM needs to become open and interoperable. No right-thinking business would seek to deploy a PKI solution if it precluded interaction with users of other PKI systems. The same will be true for DRM.

In addition to openness and interoperability, there is a requirement for extensibility. This is especially true for the language of rights markup. Current systems often deal in straightforward rights for printing, playing, and executing content (amongst others) but fail to address some of the more esoteric rights such as fair-use applications and rights to quote, subject to the constraints of quoting in a specified context.

Expectations from the Workshop

Key outputs from the workshop for Reuters are:

Reuters Contribution

From a background of delivering content electronically over a variety of media, Reuters has insights into many of the problems facing DRM in order for it to develop into a truly useful technology. Reuters has been looking at the application of DRM technologies for over three years and has a sound appreciation, from the content provider's perspective, of DRM's limitations and areas of potential development. Topics on which Reuters can contribute to the debate include:

Conclusions

Reuters has a desire to make DRM work. Until now this has been driven mostly by the requirement that Reuters has to protect its intellectual property rights on open networks coupled with the notion there is a certain credibility about DRM. This is not enough. DRM must be proven to work flexibly and openly in a number of key business areas and must overcome the criticisms leveled at it by experts such as Bruce Schneier in his recent book "Secrets and Lies".

Unless strong arguments to the contrary are made, Reuters will continue to view DRM as a potential, albeit partial, solution to the problem of protecting intellectual property rights on open networks. However, the search for alternatives will not cease until compelling arguments are presented to support the widespread deployment of DRM technology.