November 22, 2024

Velvet Revolver Album Not DRMed in Japan

I wrote recently about the Velvet Revolver album that is “protected” by SunnComm’s ineffectual CD anti-copying technology. The technology was doomed to fail – and has in fact failed – to keep the music off the popular P2P filesharing systems.

It turns out that things are even weirder than I had thought: the very same album was released in Japan without DRM (according to Alex Halderman, who has a copy of the Japanese release). So even if the DRM technology were perfect, the music still would have leaked, via Japanese buyers, onto the P2P darknet.

DRM costs the record company money to deploy, because the DRM technology must be licensed, and because of lost sales due to DRM-induced consumer inconvenience. So why in the world would a record company pay to DRM an album in some places and not in others?

One possible explanation is that the record company is not thinking clearly about the consequences of their DRM strategy. Based on the conversations I have had with record industry executives about their DRM strategy, this theory is quite plausible.

Another possibility is that they aren’t actually trying to prevent P2P copying of this album, but are instead trying to create evidence that US consumers will accept DRMed products. As I wrote previously (“Lame Copy Protection Doesn’t Depress CD Sales Much”), experience with the Velvet Revolver album seems to indicate that consumers see the DRM as a drawback, but many are buying it anyway because they think the music is good enough to outweigh the harmful DRM.

A third possibility is that they are worried about some other threat model, not involving P2P. Perhaps they think the DRM can prevent individual disc-to-disc copying. It’s not clear how much the technology will really do to prevent such copying, or how many sales would be saved by preventing such copies. (My guess is that most people who make disc-to-disc copies would not have bought a second copy.)

My best guess is that this is just one of those odd behaviors one sees in large organizations that are in denial about an important issue. Shipping DRMed discs in the US shows that deployment of CD DRM is proceeding on schedule, thus allowing some in the industry to maintain their self-delusion that the CD DRM strategy is viable.

Fancy DRM For Academy Screeners?

Movie studios are considering an elaborate DRM scheme to limit copying of promotional “screener” videos distributed to Academy Award voters, according to an AP story by Gary Gentile.

The article’s description of the scheme is a bit confusing, but I think I can reconstruct how it works. The studios would distribute a special new DVD player to each person receiving videos. Each copy of a video would be encrypted so that only a particular person’s DVD player could decrypt it. The videos would also contain some kind of watermark to identify each individual copy.

The technology vendor, Cinea, makes a carefully calibrated technical claim:

Cinea executives said that with enough time and money, a hacker could eventually circumvent the encryption technology hardwired in a single DVD player, but the watermarking will help authorities track down that player.

The discs, by themselves, cannot be hacked, [a Cinea executive] said.

Assuming that this claim is correct, the discs must not be using the lame CSS encryption scheme used by normal DVDs. (CSS is so weak that encryption keys can be recovered easily from a single encrypted disc.) If the designers are smart, they’re using a standard encryption method, in which case it’s probably true that a single disc is not enough to recover the encrypted plaintext. Of course, it’s easy to access the video given a disc and a player – that’s the whole point of having a player.

It’s not clear how sophisticated the watermark would be. Last year, a simple, weak watermark was sufficient to catch a guy who distributed copies of Academy screener videos on the net.

All of this expensive technology might be enough to keep screener videos from leaking onto the net. But this kind of technology won’t work for consumer DVDs. Tethering each disc to a single player would cause major headaches for consumers – imagine having to buy all new discs whenever you bought a new player.

Worse yet, anybody could capture and redistribute the analog output of one of these players. Even if the watermark scheme isn’t broken (and it probably would be, if it mattered), the best the watermark can do is to trace the redistributed copy back to a particular player device. If that device was stolen, or transported to an outlaw region, there is no plausible way to catch the actual perpetrator. This might not be a problem for a modest number of devices, used for a short period by known people, as in the case of screeners; but it would be a fatal flaw on devices that are distributed widely to ordinary people.
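To make the tracing limit concrete, here is an added sketch (not from the AP story, Cinea, or the original post) of a per-copy forensic mark and the lookup an investigator would run on a leaked copy. The least-significant-bit method, the 16-bit player ID, and the names STUDIO_KEY, REGISTRY, embed, extract and trace are all assumptions made for illustration; the article does not say how the real watermark works.

```python
import hashlib
import hmac
import random

STUDIO_KEY = b"constructed-demo-secret"  # hypothetical watermarking secret
ID_BITS = 16   # assumed width of the per-player identifier
REPEAT = 9     # each ID bit is written into 9 samples for redundancy

def _positions(n_samples):
    """Keyed pseudo-random sample positions that carry the mark."""
    seed = hmac.new(STUDIO_KEY, b"positions", hashlib.sha256).digest()
    return random.Random(seed).sample(range(n_samples), ID_BITS * REPEAT)

def embed(samples, player_id):
    """Return a per-player copy with player_id hidden in sample LSBs."""
    marked = list(samples)
    for i, pos in enumerate(_positions(len(marked))):
        bit = (player_id >> (i % ID_BITS)) & 1
        marked[pos] = (marked[pos] & ~1) | bit
    return marked

def extract(samples):
    """Recover the ID by majority vote over the REPEAT copies of each bit."""
    votes = [0] * ID_BITS
    for i, pos in enumerate(_positions(len(samples))):
        votes[i % ID_BITS] += 1 if samples[pos] & 1 else -1
    return sum(1 << b for b, v in enumerate(votes) if v > 0)

def trace(leaked, registry):
    """Map a leaked copy to a registered device; it cannot say who held it."""
    player_id = extract(leaked)
    return player_id, registry.get(player_id)

# Constructed sample data: 1000 8-bit "video samples" and two issued players.
_rng = random.Random(1)
MASTER = [_rng.randrange(256) for _ in range(1000)]
REGISTRY = {
    0x1A2B: {"holder": "voter A", "reported_stolen": False},
    0x3C4D: {"holder": "voter B", "reported_stolen": True},
}

if __name__ == "__main__":
    leak = embed(MASTER, 0x3C4D)
    for pos in _positions(len(leak))[:4]:  # a few corrupted samples
        leak[pos] ^= 1
    print(trace(leak, REGISTRY))
```

The second registry entry is the stolen-device case from the paragraph above: the mark still resolves to a player, and only the registry record hints that the registered holder may not be the person who leaked the copy.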

UPDATE (July 7): Ernest Miller has some interesting comments on this issue.

Lame Copy Protection Doesn't Depress CD Sales Much

A CD “protected” by the SunnComm anti-copying technology is now topping the music charts. This technology, you may recall, was the subject of a paper by Alex Halderman. The technology presents absolutely no barrier to copying on some PCs; on the remaining PCs, it can be defeated by holding down the Shift key when inserting the CD.

SunnComm execs say that this demonstrates consumer acceptance of their technology. A quick look at the consumer reviews at Amazon tells the real story: the technology causes significant problems for some law-abiding customers, and many customers dislike it. Many customers find the technology bearable only because it is so easily defeated, thereby allowing customers who, say, want to download songs from the album onto their iPods a way to do so.

Alex Halderman reports receiving at least three unsolicited emails this week thanking him for explaining how consumers can stop the SunnComm technology from impeding their fair use of this album. Here’s one:

Hello,

Thanks for the great article on this topic. I just bought the new Velvet Revolver CD and was not able to listen to it on my computer or import it into my iTunes program. I did use their “Copy” option which saved the files as Windows Media Files but these couldn’t be converted by iTunes. Well this is not acceptable and within about 5 minutes I was able to find your article and disable the lame driver.

Keep up the great work!

Another, in addition to discussing the fair use issue, says this:

If I wasn’t such a fan of this band, I would have taken the CD back in protest. But alas, it’s the only way to be legal and I wish for the artist to reap their financial benefits.

Needless to say, the SunnComm technology has not kept the songs on this album off of the filesharing systems.

DRM as Folding Chair

Frank Field offers an interesting analogy:

DRM is a folding chair – specifically, it’s one of those folding chairs that people use after shoveling out the snow from a parking space that they use to claim it after they drive away.

For those of you who don’t have to cope with snow, I know that sounds incredible (it was to me when I moved here from South Carolina), but this is a real problem in cities with limited parking and poor snow removal. People who shovel out their cars will have a ratty old folding chair or an old street cone or, if they’re feeling really aggressive, an old kid’s toy that they will plant squarely in the middle of the shoveled-out parking space. This object “marks” the spot, and everyone knows what it means – this is my spot: park here and you will suffer the consequences.

This struck me, in part, because it echoes an example I like to use. When teaching about the theory of property, I start with a class discussion about whether there should be a property right in shoveled-out parking spaces. It’s a helpful example because everybody understands it, few people have a predisposition one way or the other, and it exposes most of the tradeoffs involved in creating a new form of property.

As Frank describes it, “ownership” of a Cambridge parking space is effected not by any legal right but by the threat that noncompliant cars will be vandalized. This is a key distinction. Typically, some of my students end up endorsing a limited property right in shoveled-out parking spaces, but my guess is that they would feel differently about a system created by private decree and “enforced” by vandalism.

This is where the analogy to DRM gets complicated. DRM systems don’t trash the computers of noncompliant users, so they don’t rely on the same kind of intimidation that Frank’s folding-chair owners use.

But Frank’s analogy does work very nicely in one dimension. DRM developers, like Cambridge folding-chair owners, are trying to establish a social norm that people should keep out of the territory they claim. Such claims should be evaluated on their merits, and not just taken for granted.

Stopgap Security

Another thing I learned at the Harvard Speedbumps conference (see here for a previous discussion) is that most people have poor intuition about how to use stopgap measures in security applications. By “stopgap measures” I mean measures that will fail in the long term, but might do some good in the short term while the adversary figures out how to work around them. For example, copyright owners use simple methods to identify the people who are offering files for upload on P2P networks. It’s only a matter of time before P2P designers deploy better methods for shielding their users’ identities so that today’s methods of identifying P2P users no longer work.

Standard security doctrine says that stopgap measures are a bad idea – that the right approach is to look for a long-term solution that the bad guys can’t defeat simply by changing their tactics. Standard doctrine doesn’t demand an impregnable mechanism, but it does insist that a good mechanism must not become utterly useless once the adversary adapts to it.

Yet sometimes, as in copyright owners’ war on P2P infringement, there is no good solution, and stopgap measures are the only option you have. Typically you’ll have many stopgaps to choose from. How should you decide which ones to adopt? I have three rules of thumb to suggest.

First, you should look carefully at the lifetime cost of each stopgap measure, compared to the value it will provide you. Since a measure will have a limited – and possibly quite short – lifetime, any measure that is expensive or time-consuming to deploy will be a loser. Equally unwise is any measure that incurs a long-term cost, such as a measure that requires future devices to implement obsolete stopgaps in order to remain compatible. A good stopgap can be undeployed fully once it has become obsolete.

Second, recognize that when the adversary adapts to one stopgap, he may thereby render a whole family of potential stopgaps useless. So don’t plan on rolling out an endless sequence of small variations on the same method. For example, if you encrypt data in transit, the adversary may shift to a strategy of observing your data at the destination, after the data has been decrypted. Once the adversary has done this, there is no point in changing cryptographic keys or shifting to different encryption methods. Plan to use different kinds of tactics, rather than variations on a single theme.

Third, remember that the adversary will rarely attack a stopgap head-on. Instead, he will probably work around it, by finding a tactic that makes it irrelevant. So don’t worry too much about how well your stopgap resists direct attack, and don’t choose a more expensive stopgap just because it stands up marginally better against direct attacks. If you’re throwing an oil slick onto the road in front of your adversary, you needn’t worry too much about the quality of the oil.

There are some hopeful signs that the big copyright owners are beginning to use stopgaps more effectively. But their policy prescriptions still reflect a poor understanding of stopgap strategy. In the third and final installment of my musings on speedbumps, I’ll talk about the public policy implications of the speedbump/stopgap approach to copyright enforcement.