14 Digital Rights Management-DRM /Access Management Part -I

Yatrik Patel and Jagdish Arora




Objectives of the module is to impart knowledge on i) basics of DRM; ii) functional architecture of DRM;  and iii) legal aspects and IPR issues in DRM.


Learning Outcomes 


After going through this lesson, learners would attain knowledge on basics of Digital Rights Management (DRM) and their usefulness in digital libraries. They would learn functional and information architecture of DRM and legal aspects associated with it.




1.      Introduction

2.      Digital Rights Management (DRM)

3.      Functional Architecture of DRM

4.      Information Architecture of DRM

4.1.    Modelling the entities

4.2.   Identifying and Describing the Entities

4.3.   Expressing Rights Statements

5.      DRM and Legal Aspects

6.      Summary





1. Introduction


Advances in information and communication technologies including computing, communication, consumer electronics and their convergence has significantly contributed to efficient and effective management of a large volume of digital content as well as the way it is generated, stored, disseminated and accessed.


The term “digital content” may include information that can be distributed over electronic media such as PCs, laptops, tablets, smartphones and other similar devices. The digital content can be in any format such as text, images, video, audio, animation or combination of any of these types. The exponential increase in generation and consumption of digital content has raised several questions about the rights of the content creator,producer and distributor as well as the rights and responsibilities of consumers. The current set of rules governing the appropriate use of content is also under question.


2. Digital Rights Management (DRM)


Digital rights management, is a general term used to describe a set of technologies which intends to simplify the practiceof preventing inappropriate use of digital content. These sets of technologies are being used by publishers, copyright holders, individuals and hardware manufactures with an intention to control the use of digital content and devices to protect it from in-intended use.


The intention of the first-generation DRM software is to control copying, the second generation DRM schemes extends previous one to control viewing, copying printing and altering (copy protection, prevention and control).


Digital Rights Management (DRM) encompasses the description, layering, analysis, valuation, trading and monitoring of the rights over an individual or organization’s assets; both in physical and digital form; and of tangible and intangible value. DRM covers the digital management of rights – being them rights in a physical manifestation of a work (e.g. a book), or being them rights in a digital manifestation of a work (e.g. an e-book). Current methods of managing, trading and protecting such assets are inefficient, proprietary, or else often require the information to be wrapped or embedded in a physical format.


Use of digital rights management is not universally accepted. Some content providers claim that DRM is necessary to fight copyright infringement online and that it can help the copyright holder maintain artistic control or ensure continued revenue streams for content creator or copyright holder. The supporters of DRM argue that digital locks should be considered necessary to prevent “intellectual property” from being copied freely, just as physical locks are needed to prevent personal property from being stolen. Those opposed to DRM contend that there is no evidence that DRM helps prevent copyright infringement, instead, it is argued that it serves only to inconvenience legitimate customers, and that DRM helps big business stifle innovation and competition. Furthermore, works can become permanently inaccessible if the DRM scheme changes or if the service is discontinued.


3. Functional Architecture of DRM 


The overall DRM framework which can be used for implementing digital rightsenabled system can be modelled in three areas:


•     Intellectual Property (IP) Asset Creation and Capture: The management of content creation so that it can be easily dealt. This includes an assertion of rights when content is first created (or reused and extended with appropriate privileges to do so) by various content creators/providers.


•     Intellectual Property (IP) Asset Management: The management of facilitating the trade of content. This includes acquisition of content from creators into an asset management system. The trading systems need to manage the descriptive metadata and rights metadata (e.g., parties, usages, payments, etc.).


•     Intellectual Property (IP) Asset Usage: The management of usage content once it has been traded. This includes supporting constraints over traded content in specific access devices /software.


While the above models comprise the broad areas required for DRM, the models need to be complemented by the Functional Architecture that provides the framework for the modules to implement DRM functionality as shown in following figure.

Figure 1: Functional Architecture of DRM


As shown in figure 1 above the functional architecture specifies the roles and characteristics of a number of supporting and interconnected modules under the three broad areas of Intellectual Property: Asset Creation, Management, and Usage.


The IP Asset Creation and Capture module provides functionalities for:


•      Rights Validation –for assurance of the fact that content being created from existing content includes the rights to do so.


•      Rights Creation – to allow rights to be assigned to new content, such as specification of the rights owners and applicable usage permissions.


•      Rights Workflow – to allow for content to be processed through a series of workflow steps for review and/or approval of rights (and content).


The IP Asset Management module provides functionalities for:


•      Repository functions – to enable the access or retrieval of content in potentially distributed databases and the access/retrieval of metadata. The metadata covers Parties, Rights and descriptions of the Works as described in Information architecture of DRM.


•     Trading functions – to enable the allocation of licenses to parties who have traded agreements for rights over content, including payments from licensees to rights holders (e.g.,  royalty  payments).  In  some  cases,  the  content  may  need  to  go  through fulfillment operations to satisfy the license agreement. For example, the content may be encrypted/protected or packaged for a particular type of usage environment.


The IP Asset Usage module provide functionalities for:


•      Permissions Management – to enable the usage environment to comply the rights associated with the content. For example, if the user only has the right to view the document, then printing will not be allowed.


•      Tracking Management – to enable the monitoring of the usage of content where such tracking is part of the agreed to license conditions (e.g., the user has a license to view a content only 5 times). This module may also need to interoperate with the trading system to track usage or to record transactions if there is payment due for each usage.


These three modules in combination provides the core functionality for DRM systems. The functionalities of these modules have been described only at broader level, however for practical implementation the modules needs to be operated with integration with each other. In addition these modules should also support interoperability, standard formats and protocols, openness and trust and other such related principles.


These modules are supposed to be the part of components to enable systems to be built in a modular manner, for modular approach there needs to be a set of common and standard interfaces/protocols between the modules that does not yet exist in a manner that is acceptable by everyone.


The Functional Architecture is only part of the solution to the challenges of DRM and just provides a framework. The actual Rights Management is more complex. For simpler implementations DRM systems must support the most flexible information model possible to provide for these complex and layered relationships. The Information Architecture provides this.


4.  Information Architecture of DRM 


The Information Architecture deals with how the entities are modelled in the overall DRM framework and their relationships. The main issues that require addressing in the development of a DRM Information model include:


•    Modelling the entities

•    Identifying and describing the entities, and

•    Expressing the rights statements


4.1.  Modelling the entities


It is important to adopt a clear and extensible model for the DRM entities and their relationship with other entities. IFLA has done some work in this area, In present context IFLA model will be taken as an example for modelling entities. The basic principle of the model is to clearly separate and identify the three core entities: Users, Content, and Rights as shown in following figure.

Figure 2: Core Entities Model


Users can be any type of user, from a rights holder to an end-consumer. Content is any type of content at any level of aggregation. The Rights entity is an expression of the permissions, constraints, and obligations between the Users and the Content. The primary reason for this model is to provide greater flexibility when assigning rights to any combination or layering of Users and Content. The Core Entities Model also does not constrain Content from being used in new and evolving business, models it also implies that any metadata about the three entities needs to include a mechanism to relate the entities to each other.


The Content itself also needs to be modelled. The key principle in the modelling of Content is its multiple “layers” containing its evolution and development from various intellectual stages. Such a model will enable explicit attribution of rights information. The IFLA model allows Content to be identified at the Work, Expression, Manifestation, and Item layers. At each of these layers, different rights and rights holders may need to be supported as shown in figure (3).


Figure 3: Content Model


The layers of the Content defined as Work (a distinct intellectual creation) and Expression (the intellectual realization of a work) reflect scholarly or creative content. On the other hand, the other layers of Content, defined as Manifestation (the digital embodiment of an expression of a work) and Item (a single exemplar instantiation of a manifestation), reflect physical or digital form.


As an example, consider “The story of My Experiments with Truth”.is the autobiography of Mohandas K. Gandhi, covering his life from early childhood through to 1921 It was written in weekly instalments and published in his journal Navjivan from 1925 to 1929. Its English translation also appeared in instalments in his other journal Young India.


The Expressions of the Work could then include:


•    The original text by Mohandas K Gandhi

•    Original Text in Gujarati

•    The English translation of the original text

•    Translator : Mahadev Desai


The Manifestations of the “English translation” Expression could include:


•    The  hard cover book published by Navajivan Publishing House (Ahmedabad), 1948

•    The paper back published byBeacon Press, 1993 The Items of the “book” Manifestations could include:

•    A physical hardcover book purchased from Books India retail store

•    A digital book(kindle version) purchased from Amazon Inc online store


By using this style of content modelling,different associated rights holders can be recognized, at any point. Another aspect that may affect rights is when Content is made of many parts. Some of these parts may have different rights associated with them that need to be recognized in the aggregated content.


4.2. Identifying and Describing the Entities 


All entities need to be both identified and described. Identification should be accomplished via open and standard mechanisms for each entity in the model. Both the entities and associated metadata records about the entities must be identifiable. Open standards such as Uniform Resource Identifiers(URI), Digital Object Identifiers (DOI) and the emerging ISO International Standard Textual Work Code (ISTC) are typical schemes useful for Rights identification.


Content should be described using the most appropriate metadata standard for that genre. It is also critical that such metadata standards do not themselves try to include metadata elements that attempt to address rights management information, as this will lead to confusion regarding where to describe such rights expressions. To describe Users, vCard is the most well-known metadata standard for describing people and (to some extent) organizations. An additional and important part of the Rights model is to articulate the role that the User has undertaken with respect to Content. A comprehensive list of roles can be found in the MARC Relators code list.


4.3. Expressing Rights Statements 


The Rights entity allows expressions to be made, permission that are allowed, constraints, obligations, and any other rights-related information about Users and Content. Hence, the Rights entity is critical because it represents the expressiveness of the language that will be used to inform the rights metadata.


Rights expressions can become complex quite quickly. Because of that, they are also modelled to understand the relationships within the rights expressions.


As shown in following figure, Rights expressions should consist of:


•    Permissions (i.e., usages) – what you are allowed to do

•    Constraints – restrictions on the permissions

•    Obligations – what you have to do/provide/accept

•    Rights Holders – who is entitled to what


Figure 4: Rights Expression Model


For example, a Rights expression may say that a particular e-resource can be viewed (i.e., a usage permission) for a maximum of 5 times (i.e., a count constraint) within a period of one month (i.e., a time constraint) for a ₹ 50.00 fee (i.e., an obligation to pay). Each time the content is accessed, Jagdish, Ashok, Abhishek and Kannan (the rights holders) receive a percentage of the fee. Usually, if a right is not explicit in an expression, it means that the right has not been granted. This is a critical assumption made by implementing mechanism (Rights Language) and should be made clear to all Users.


For an example of a rights language, see the Open Digital Rights Language. ODRL lists many potential terms for permissions, constraints, and obligations as well as the rights holder agreements. As such terms may vary across sectors, rights languages should be modelled to allow the terms to be managed via a Data Dictionary and expressed via the language.


5. DRM and Legal Aspects


Since pertinent laws and law making vary from country to country, it’s not possible to give insight to each and every legal aspect of DRM.


DRM systems have received some international legal backing by implementation of the 1996 WIPO Copyright Treaty (WCT). Article 11 of the Treaty requires nations party to the treaties to enact laws against DRM circumvention.


The WCT has been implemented in most member states of the World Intellectual Property organization.  The  American  implementation  is  the Digital   Millennium   Copyright Act (DMCA), while in Europe the treaty has been implemented by the 2001 European directive on copyright, which requires member states of the European Union to implement legal protections for technological prevention measures. In 2006, the lower house of the French parliament adopted such legislation as part of the controversial DADVSI law, but added that protected DRM techniques should be made interoperable, a move which caused widespread controversy in the United States.


In India, The Indian Copyright Act, 1957 has been designed from the perspective of a developing country. It has always attempted a balance between various kinds of interests. It has always sought to ensure that the rights of author’s of creative works is carefully promoted alongside the public interest served by wide availability and usability of that material. For instance, our Copyright Act has provisions for:


•     Compulsoryand  statutory  licensing:  recognizing  its  importance  in  making  works available, especially making them available at an affordable rate.


•     Cover versions: recognizing that more players lead to a more vibrant music industry.


•     Widely-worded right of fair dealing for private use: recognizing that individual use and large-scale commercial misuse are different.


This act was amended by The Copyright (Amendment) Act 2012, passed by the Lok Sabha (lower house of Parliament) on 22 May 2012withthe provisions that relate to the protection of digital rights management (DRM) techniques. This made the Indian Copyright Act compliant with the WCT and the WPPT.


6. Summary 


Digital technology has not only created new risks from right holders but also created opportunities for widespread cost effective distribution, as well as a new tool for controlling content. Number of approaches are being deployed to make digital works difficult to copy, distribute and access without necessary permission. This module elaborates onmodelling framework and architecture of these technologies popularly known as Digital Rights Management (DRM).




References and Further Reading: