Fair Use, Drm, and Trusted Computing

Erickson, John S.
Thumbnail Image
Other Contributors
Issue Date
Terms of Use
Attribution-NonCommercial-NoDerivs 3.0 United States
Full Citation
Erickson, J. (2003). Fair use, DRM, and trusted computing. Commun. ACM, 46(4), 34–39.
The migration of trusted computing principles into end-user systems promises to increase the practical application of and market demand for digital rights management (DRM) technologies. Trusted computing platforms and the integration of DRM components into the operating system will likely make controlled, conditional access to content and services attractive for providers of copyrighted resources, and an increasingly common—if not always popular or desirable—part of the end-user experience. The ability of providers to reliably and deterministically impose rules on the end-user experience raises the question of who sets the rules dictating how users interact with digital information on their personal systems. Will the social policies and common practices that have traditionally influenced the copyright process be replaced by rules privately constructed by content owners and software providers? Will they be privately enforced by operating systems and DRM technologies? Conversely, can these emerging architectures help protect the limitations on copyright owners’ exclusive rights, preserving the flexible fair use doctrine? Here, I explore how access-control policies are evaluated, especially in the case of two rights expression languages—the eXtensible rights Markup Language (XrML; see xrml.org) and the eXtensible Access Control Markup Language (XACML; see www.xacml.org). Since the expression and interpretation of policies is but one layer of the general problem of asserting and protecting copyright with computer code, I emphasize the role of trusted systems in ensuring that computing agents interpret policies in reliable and deterministic ways. I also weigh the challenges inherent in expressing and enforcing policies that mimic social policies. Engineers often seek to simplify problems, but when the problem involves implementing legal statutes (such as copyright) with executable code, simplifications might actually do damage, especially if the solution gives either party more power to assert control than the law entitles.