DRM Framework
The ideal DRM system is flexible, entirely transparent to the user and pretty complex stuff for a computer program to handle. First-generation DRM software sought merely to control copying. Second-generation DRM schemes are in their infancy right now and seek to control viewing, copying, printing, altering and everything else you can possibly do with digital content.
A digital rights management scheme operates on three levels: establishing a copyright for a piece of content, managing the distribution of that copyrighted content and controlling what a consumer can do with that content once it has been distributed. To accomplish this level of control, a DRM program has to effectively define and describe three entities -- the user, the content and the usage rights -- and the relationship between them.
Rights Expression Language
"Rights" is not a very computer-friendly concept, and programmers have developed new computer languages to define the idea in digital terms. Two rights expression languages in use right now are the MPEG Rights Expression Language (MPEG REL) and the Open Digital Rights Language (ODRL), both XML-based computer languages. ODRL utilizes rights terminology like "excerpt," "install," "lend," "modify," "play" and "sell." It also sets forth constraints ("fixed amount," "interval" and "range") and defines payments ("feeType," "prepay" and "postpay").
Let's take the example of a simple DRM scheme for an MP3-download site. Jane Doe logs on to a site she subscribes to in order to download Lauryn Hill's "Everything is Everything." Jane's subscription level entitles her to five downloads per month. In this case, the user is Jane Doe, and the content is Lauryn Hill's "Everything is Everything." Identifying the user and the content are fairly simple tasks. Jane probably has a customer ID number, and each MP3 file on the site probably has a product number associated with it. The harder part is identifying the rights -- the ways in which Jane is and is not allowed to use "Everything is Everything." Can she download it, or has she already downloaded her five files for the month? Can she copy it, or is she downloading an encrypted file and a corresponding key? Can she excerpt a piece of the song to use in her own audio-mixing software, or is the file locked? Usage rights include not only permissions and constraints, but also any obligations related to the transaction -- for example, does Jane need to pay extra for this download? Has Jane been promised a savings pass if she downloads this song? This would be included in the relationship between Jane, the song and the rights.
Let's say Jane has only downloaded three files so far this month, so this download is within her subscription rights. And let's say she received a promotional offer for $1 off next month's subscription fee if she downloads this song. Jane should be able to copy the file under fair use, but maybe she can only make three copies. And let's say the copyright holder denies anyone the right to excerpt its digital content. The DRM structure for this download might look something like this:

[Figure: Sample transaction]
Keep in mind that while the user entity stays the same each time Jane logs on to the site, the relationship between the user, the content and the rights can change. The DRM scheme must be able to adapt to changing conditions. If Jane increases her subscription level to one that allows unlimited downloads instead of only five downloads per month, the DRM software has to adjust to that new relationship. The DRM scheme has to be tied in to the Web site's back-end infrastructure so it can adjust the relationship on the fly. This is one reason why seamless DRM setups are difficult to implement: With no standards to go on and a set of commands not found in any other type of computer program (see "Rights Expression Language" sidebar), digital rights management software doesn't easily blend in with existing e-commerce architecture. Still, arguably the easiest transaction to control is a download from a Web site. The hard part is controlling what a user does with digital content once it's in her possession. How is the download site going to enforce Jane's usage rights? How do they know she's only going to make two copies of the file? This is where DRM can get sticky.
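The relationship described above for Jane's download, and the way it shifts when her subscription level changes, can be modeled in a few lines of Python. This is an added example, not code from the original article or from any DRM product; the class and function names, the customer and product IDs, and the obligation label are constructed for illustration. It covers only the site-side decision, not enforcement on Jane's own machine.

```python
from dataclasses import dataclass, field
from typing import Optional

@dataclass
class Subscription:
    monthly_download_limit: Optional[int]   # None models an unlimited plan
    downloads_this_month: int = 0

@dataclass
class License:
    """Relationship between one user, one content item and the usage rights."""
    user_id: str
    content_id: str
    max_copies: int                 # constraint on the "copy" permission
    permitted: frozenset            # actions the rights holder grants
    copies_made: int = 0
    obligations: list = field(default_factory=list)

def request_download(sub, user_id, content_id, promo_credit=0.0):
    """Issue a License if the download fits the subscription, else None."""
    limit = sub.monthly_download_limit
    if limit is not None and sub.downloads_this_month >= limit:
        return None
    sub.downloads_this_month += 1
    # "excerpt" is deliberately absent: the copyright holder denies it.
    lic = License(user_id, content_id, max_copies=3,
                  permitted=frozenset({"play", "copy"}))
    if promo_credit:
        lic.obligations.append(("credit_next_month_usd", promo_credit))
    return lic

def authorize(lic, action):
    """Default-deny: anything not explicitly granted is refused."""
    if action not in lic.permitted:
        return False
    if action == "copy":
        if lic.copies_made >= lic.max_copies:
            return False
        lic.copies_made += 1
    return True

def demo():
    # Constructed sample data: Jane has used 3 of her 5 monthly downloads.
    jane = Subscription(monthly_download_limit=5, downloads_this_month=3)
    lic = request_download(jane, "CUST-0001", "MP3-0042", promo_credit=1.00)
    copies = [authorize(lic, "copy") for _ in range(4)]   # 4th exceeds limit
    excerpt = authorize(lic, "excerpt")
    fifth = request_download(jane, "CUST-0001", "MP3-0043")
    sixth = request_download(jane, "CUST-0001", "MP3-0044")   # over quota
    jane.monthly_download_limit = None      # upgrade to unlimited downloads
    upgraded = request_download(jane, "CUST-0001", "MP3-0044")
    return jane, lic, copies, excerpt, fifth, sixth, upgraded
```

Because the quota lives in the subscription record and is read on every request, the upgrade takes effect on the next download without reissuing earlier licenses.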
Automated DRM
Companies like ContentGuard, Digimarc, InterTrust and Macrovision sell automated "DRM solutions" that include everything you need to set up a DRM scheme. ContentGuard's complete DRM toolkit lets copyright holders create and enforce licenses for their digital products and services, including everything from movie downloads to software use to Web-site access. The RightsExpress software uses the MPEG REL rights-expression language and guides the copyright holder through the process of defining a piece of content, defining a user and defining usage rights. The copyright holder can set access levels and encryption modes for the content, create a custom interface that lets users obtain content based on those settings, develop an enforcement model that verifies user identification and track the use of that content.