[Paper Overview] [DRM-Workshop Homepage]

Position Paper on Digital Rights Management for the Web

Sebastian Holst, Artesia Technologies
sebastian.holst@artesia.com

1. Introduction

This paper presents thoughts that we consider important to understanding Digital Rights Management (DRM) for the Web. Omission of a topic should not be taken to imply that we do not consider that topic to be a requirement or a part of a feasible approach.

Rights and permissions have, for the most part, been conceptualized and applied in fairly narrow contexts such as book or music publishing, promotion and merchandizing, and other specific business contexts. The general and far-reaching nature of the web forces a reassessment of many basic assumptions about the uses of content-centric assets (digital assets). As such, we submit that specific facets of DRM are critical and general enough to warrant the attention of the W3C and its members.

The following two examples are intended to illustrate how emerging practices on the web challenge fundamental assumptions about traditional rights and permissions and beg the question of how rights and permissions can, in a general way, be associated with any digital asset on the web.

Example 1: Top-tier fashion models' contracts stipulate that their images cannot be used to promote discounted merchandise. The logic behind this restriction of use is that a model's likeness is his or her brand. To become "last year's model" is to directly dilute that brand.

Issue: How does this condition impact variable pricing applications within retail portals? How can this potential infraction be detected or prevented?

Example 2: It is common for an entertainer to restrict the use of their likeness in proximity to another public figure, e.g. Britney Spears next to Christina Aguilera or Madonna next to Courtney Love. The logic is that specific artists juxtaposed from one another diminish their uniqueness and therefore their value.

Issue: How does this restriction impact dynamic assembly of content on commercial web sites that are driven by personal profiles or sales volume? How can this potential infraction be detected or prevented?

These two very simple examples illustrate that in order for the web to become a full featured participant in our society and in commerce, its "best practices" must be able to accommodate the unique and long established conditions of use that are associated with high value digital assets.

2. Position

We suggest that the following two considerations be incorporated into any ongoing W3C web DRM efforts.

• We propose that a model for web digital rights management account for existing and anticipated applications of rights and permissions for both online and offline use of digital assets.

This expands the scope of web DRM to include the tracking and management of rights for digital assets beyond the web. A digital asset on the web can be easily transformed into an asset or intellectual property outside of the web. As such, the rights one asserts on such an asset must include these extracurricular uses.

The practice of enforcing rights and permissions to underscore the commercial and cultural value of content, media and intellectual property exists as a distinct practice completely apart from the web. While the web's capabilities, ubiquity and potential for social impact is immense, the web's full potential is felt when it is integrated into, rather than set apart from, the rest of society and commerce. The mere fact that a digital asset can be transported via HTTP does not imply that the rules for its use will not include print, traditional broadcast and other transport mechanisms outside of the W3C's core interests. In order to maximize the utility of web-based solutions, the semantics of the model must support the tracking and articulation of rights and permissions connected with all forms and uses of an asset - not just its web-based manifestation.

• We propose that, as an initial effort, the W3C only focus on the capture, communication and authentication of rights and not concern itself with enforcement, workflow and other sub-categories within the "DRM umbrella."

This restricts the scope of web DRM to those areas that are truly general (or horizontal), can be well understood with a reasonable effort, and would benefit from the availability of an interoperable framework.

Digital Rights Management (DRM) is a term that has been broadly applied to include digitally (or electronically) creating, managing, negotiating, transacting and enforcing rights and permissions for both digital and non-digital assets. Each phase or segment of DRM has its own characteristics, i.e. varying degrees of generality, suitability for standardization, consensus around best practices, etc. Inspection of the complete spectrum of potential DRM sub-tasks has led us to conclude that not every facet of DRM is well suited for W3C work. The following topic areas appear to offer themselves up as strong candidates for further development as requirements. They are listed in no particular order.

• Intellectual Property in Content and Metadata
  It is likely that there will be distinct rights associated with metadata. An example would be a survey response where access to the respondent's personal information is more restricted than the survey responses.
• Scope
  A single asset will often have multiple components, some of which may have distinct rights associated with them. These can include the first chapter of a book, a low-resolution thumbnail of a high quality digital image, or a low quality version of an audio track.
• Rights Events
  Events include major activities like manufacture or publish. Each Event can be further specialized. Collections of valid Event types are Rights Lists.
• Rights Lists
  Specific instances of Rights Events like CD within manufacture or paperback within publish are examples of Rights List instances.
• Authentication of Rights
  A method for validating the relevance of a set of rights on an asset as well as validating that specific rights are appropriate to a particular asset.
• Rights Statements
  A means to assert specific rights upon an asset. This may be embedded into an asset or referred to from an asset.
• Rights Agreements
  A means to capture an agreement between parties on specific statements.
• Rights Transactions
  A means to capture and potentially fulfill the terms of a Rights Agreement.
• Rights Supplementation
  A means to enhance rights semantics and syntax to accommodate industry and vendor specific behaviors. Ideally, this is accomplished without having to modify or reconstruct existing assets. This is analogous to DBMS schema evolution and the techniques required to avoid massive data corruption and/or modifications as the time of the schema update.
• Modifying Rights
  A means of updating rights associated with an asset. Ideally, this is accomplished without having to modify or reconstruct the asset itself.
  
  
• Quality, Scalability, and Economy
  Without a stable recommendation and a scalable architecture, it is unlikely that we could ever achieve the level of web DRM interoperability required to drive automated/semantic digital asset management and distribution.

3. Final notes

Artesia Technologies is prepared to commit a senior technologist to a DRM working group should it be approved by the W3C membership.

Artesia Technologies develops enterprise Digital Asset Management (DAM) software. Our core product, TEAMS™, enables organizations to capture, manage, and assemble digital assets - video, audio, images, graphics, and text. Our customers include General Motors, Time Warner, Bertlesmann Music Group, The Washington Post and The Library of Congress.

Given the nature of the workshop, there has bee no effort to carefully define terminology or to footnote references. However, the many of the concepts in section 2 have been derived from The <indecs> metadata framework, Principles, model and data dictionary, June 2000, WP1a-006-2.0. Godfrey Rust, MUZE Inc, Mark Bide, EDItEUR (http://www.indecs.org/pdf/framework.pdf).