DRM and the Web
Rigo Wenning
ODRL Workshop
Vienna, 22-23 April 2004
Rigo Wenning <rigo@w3.org>
W3C/ERCIM
Sophia Antipolis, France
Plan
- Expectations
- Integration and Interoperability
- ID issues
- Enhancements and constraints
- DRM and Privacy
- DRM and Web Services
- DRM and P2P
Expectations
- EC IST mentions lack of DRM as a roadblock?
- iTunes works!
- Piracy is (the only) reason for bad business in the music sector?
- Voices talk about high prices for bad food!
Real issues
- Is the Privacy-issue solved?
- Does DRM integrate well into other DRM and into applications?
- Is there a solution to the issue that a digital copy can't be
distinguished from its original?
- Is DRM something that the Web Services Arena should think about?
- What about P2P?
The war is still going on
- Heavy lobbying to preserve a business model, where content is attached
to tangible goods.
- Erosion of exceptions to copyright and Droit d'auteur
- P2P is getting more sophisticated and more of a closed group
- P2P starts using signature - mechanisms.
DRM and the war
- As long as the war is going on, DRM - Schemes have uncertainety about
the semantics to use.
- In presence of unsecure semantics, application semantics are used.
- This will create a potential conflict with ever changing legal
semantics.
ODRL?
- ODRL is a framework to express semantics
- ODRL is not application semantics as it is a framework
- ODRL just perpetuates the semantic trouble
- ODRL will have to offer profiles to allow certainty
Missing Semantics?
- ODRL has a fairly complete set of semantics
- But it is missing the logical NOT
- NOT can be expressed with AND plus OR, but it gets more complicated
Example for NOT
Try to encode this simple sentence in ODRL:
- You can do whatever you want with my work, but if you make money with
it, give me 15%
ODRL says:
- A Permission that is not specified in any Rights Expressions is not
granted.
Conclusion o(n/r) NOT:
- ODRL is missing a wildcard mechanism or a NOT
- The more constraints on copyright, the simpler the expression in
ODRL
- Creative Commons is exactly the opposite
Interoperability and Integration
- Interoperability with other DRM languages
- Interoperability with the Web
Other Languages
Treat with both sides of the war:
- Interoperability with MPEG-21
- Interoperability with Creative Commons
This has be explored but can not be considered done
Integration with the Web
- Difficult integration into HTML
- Would need some binding mechanisms like in P3P
- Bind DRM to HTTP (URI) or to HTML (link rel?)
ID Issues
- One of the various splits at the W3C DRM Workshop was the
identification of objects
- This was also marked in the Team comment
- There is still a profile missing on how to use URI's to identify a
protected work just in any namespace.
DRM and Privacy
- A big issue in the W3C DRM Workshop, especially for the enforcement
engine
- Privacy is still a big issue
- Privacy might be misused as a term for general dissatisfaction
ODRL and Privacy
- Currently search for Privacy in ODRL gives one
hit
- P3P 1.1 is developing a generic p3p attribute to bind a P3P Policy to a
specific XML Element
- ODRL could use that solution to address privacy in a much better
way.
DRM and Web Services
- DRM is just yet another set of metadata
- DRM should integrate into the Web Services Model
- SOAP and WSDL contain an advanced failure mechanism that could be
used.
ODRL and Web Services
- ODRL is not defining a protocol but contains a binding
- The binding could be used to mix in to WSDL
- A Profile or Note would be nice
DRM and P2P
- Sounds like natural enemies, but it isn't
- DRM would allow to legitimize some of the P2P activities
- Psychology is key (see War above)
- Initiatives are missing to integrate effective DRM
ODRL and P2P
- Keep away from good/bad paradigms
- adjust your attacker model
- give people who want to do the right thing the opportunity to do the
right thing, not just throw away the data
DRM and Exceptions
- Risk of losing our history
- Does DRM generate a right to hack for history?
- Library Privileges are not implemented yet
- Keep Society and the needs of a democratic society in mind while
designing DRM.
ODRL and Exceptions
- This is still the weak point of ODRL and I still hope for a
revision
- Missing wild cards and NOT-operator
- There is still research ahead
- The exceptions show a lot about the spirit of design
Merci bien
- I hope I gave you some points for discussion
- Presentation is available on the Web
- http://www.w3.org/Talks/2004/04-odrl/