What You Must Know About DRM

5 2. User tracking via download or subscription service: This DRM model supplements the aforementioned ID linkage model. The DRM application requires that the user reconfirm that he or she will not copy a product for resale or sharing. At present, this is the most popular model for this type of data collection. The model not only catalogues the user under a user-specific ID, but also catalogues the customer's usage history of a product that has been downloaded from a system that is subscribed to and streamed whenever requested. The paper states that, "[t]his is a qualitatively more serious threat than those previously described. Many people would be willing to risk others knowing that they downloaded a pornographic video; fewer would want others to know that they watched this video 1,000 times." 16 A similar DRM model allows for the potential collection of usage data that may occur when a user subscribes to a package of services. The user does not actually download anything to his or her system but instead receives streamed elements of the package by request. If the streamed elements are viewed or listened to, such actions can be recorded, resulting in the collection of an individual's interests and usage patterns. As a result of the above-noted ability to collect and track personally identifiable information, DRM applications may allow for the creation of substantial, unregulated personal profiles. This ability not only creates the threat of inappropriate, non-consensual access to and disclosure of a customer's information, but also potentially provides other companies and law enforcement with a source of information on citizens by way of a court order or possibly by simply purchasing the information. 17 Privacy abuses do not necessarily come from the storage of such personal information but more from the threat that such a database may be subject to a security breach that reveals a user's personal information. Worse yet, some companies view personal information obtained from customers as a corporate asset that can be sold during bankruptcy proceedings. 18 Moreover, DRM systems, especially in the case of subscription-service-based systems, often create communication links between the user's and server's systems, which may be vulnerable to attacks from hackers and saboteurs. In this respect, some DRM systems require an open channel to feed data back and forth from user to the distributor in the same way that any distributed computing application requires users to maintain such channels (i.e., Instant Messenger, SETI@Home). Some DRM systems may actually be designed to harm a user's system. 19 In short, the privacy-invasive effects of DRM technologies are rarely addressed. Nor do DRM developers typically attempt to design privacy into their products. Currently, many DRM models focus on ensuring that the rights of the content providers and service distributors are protected, without sufficient regard for consumer privacy. We believe that DRM developers should examine how the current DRM models can be adjusted to provide greater privacy protection for consumers.