Digital rights management (DRM) is a generic term for access control technologies that can be used by hardware manufacturers, publishers, copyright holders and individuals to impose limitations on the usage of digital content and devices. The term is used to describe any technology that inhibits uses of digital content not desired or intended by the content provider. The term does not generally refer to other forms of copy protection which can be circumvented without modifying the file or device, such as serial numbers or keyfiles. It can also refer to restrictions associated with specific instances of digital works or devices. Digital rights management is used by companies such as Sony, Apple Inc., Microsoft, AOL and the BBC.
The use of digital rights management is controversial. Proponents argue it is needed by copyright holders to prevent unauthorized duplication of their work, either to maintain artistic integrity or to ensure continued revenue streams. Some opponents, such as the Free Software Foundation, maintain that the use of the word "rights" is misleading and suggest that people instead use the term digital restrictions management. Their position is essentially that copyright holders are restricting the use of material in ways that are beyond the scope of existing copyright laws, and should not be covered by future laws. The Electronic Frontier Foundation, and other opponents, also consider DRM systems to be anti-competitive practices.
DRM technologies attempt to control use of digital media by preventing access, copying or conversion to other formats by end users. Long before the arrival of digital or even electronic media, copyright holders, content producers, or other financially or artistically interested parties had business and legal objections to copying technologies. Examples include: player piano rolls early in the 20th century, audio tape recording, and video tape recording (e.g. the "Betamax case" in the U.S.). Copying technology thus exemplifies a disruptive technology.
The advent of digital media and analog/digital conversion technologies, especially those that are usable on mass-market general-purpose personal computers, has vastly increased the concerns of copyright-dependent individuals and organizations, especially within the music and movie industries, because these individuals and organizations are partly or wholly dependent on the revenue generated from such works. While analog media inevitably loses quality with each copy generation, and in some cases even during normal use, digital media files may be duplicated an unlimited number of times with no degradation in the quality of subsequent copies. The advent of personal computers as household appliances has made it convenient for consumers to convert media (which may or may not be copyrighted) originally in a physical/analog form or a broadcast form into a universal, digital form (this process is called ripping) for location- or timeshifting. This, combined with the Internet and popular file sharing tools, has made unauthorized distribution of copies of copyrighted digital media (so-called digital piracy) much easier.
Although technical controls on the reproduction and use of software have been intermittently used since the 1970s, the term 'DRM' has come to primarily mean the use of these measures to control artistic or literary content. DRM technologies have enabled publishers to enforce access policies that not only disallow copyright infringements, but also prevent lawful fair use of copyrighted works, or even implement use constraints on non-copyrighted works that they distribute; examples include the placement of DRM on certain public-domain or open-licensed e-books, or DRM included in consumer electronic devices that time-shift (and apply DRM to) both copyrighted and non-copyrighted works.
DRM is most commonly used by the entertainment industry (e.g. film and recording). Many online music stores, such as Apple's iTunes Store, as well as many e-book publishers, have imposed DRM on their customers. In recent years, a number of television producers have imposed DRM mandates on consumer electronic devices, to control access to the freely-broadcast content of their shows, in connection with the popularity of time-shifting digital video recorder systems such as TiVo.
An early example of a DRM system was the Content Scrambling System (CSS) employed by the DVD Forum on film DVDs since ca. 1996. CSS used a simple encryption algorithm, and required device manufacturers to sign license agreements that restricted the inclusion of features, such as digital outputs that could be used to extract high-quality digital copies of the film, in their players. Thus, the only consumer hardware capable of decoding DVD films was controlled, albeit indirectly, by the DVD Forum, restricting the use of DVD media on other systems until the release of DeCSS by Jon Lech Johansen in 1999, which allowed a CSS-encrypted DVD to play properly on a computer using Linux, for which the Alliance had not arranged a licensed version of the CSS playing software.
Microsoft's Windows Vista contains a DRM system called the Protected Media Path, which contains the Protected Video Path (PVP). PVP tries to stop DRM-restricted content from playing while unsigned software is running in order to prevent the unsigned software from accessing the content. Additionally, PVP can encrypt information during transmission to the monitor or the graphics card, which makes it more difficult to make unauthorized recordings.
Advanced Access Content System (AACS) is a DRM system for HD DVD and Blu-Ray Discs developed by the AACS Licensing Administrator, LLC (AACS LA), a consortium that includes Disney, Intel, Microsoft, Matsushita (Panasonic), Warner Brothers, IBM, Toshiba and Sony. In December 2006 a process key was published on the internet by hackers, enabling unrestricted access to AACS-restricted HD DVD content. After the cracked keys were revoked, further cracked keys were released.
The CableCard standard is used by cable television providers in the United States to restrict content to services to which the customer has subscribed.
The broadcast flag concept was developed by Fox Broadcasting in 2001 and was supported by the MPAA and the FCC. A ruling in May 2005 by a US Court of Appeals held that the FCC lacked authority to impose it on the TV industry in the US. It required that all HDTVs obey a stream specification determining whether or not a stream can be recorded. This could block instances of fair use, such as time-shifting. It achieved more success elsewhere when it was adopted by the Digital Video Broadcasting Project (DVB), a consortium of about 250 broadcasters, manufactures, network operators, software developers, and regulatory bodies from about 35 countries involved in attempting to develop new digital TV standards.
An updated variant of the broadcast flag has been developed in the Content Protection and Copy Management (DVB-CPCM). It was developed in private, and the technical specification was submitted to European governments in March 2007. As with much DRM, the CPCM system is intended to control use of copyrighted material by the end-user, at the direction of the copyright holder. According to Ren Bucholz of the EFF, which paid to be a member of the consortium, "You won't even know ahead of time whether and how you will be able to record and make use of particular programs or devices". The DVB supports the system as it will harmonize copyright holders' control across different technologies and so make things easier for end users. The CPCM system is expected to be submitted to the European Telecommunications Standards Institute in 2008.
Discs with digital rights management schemes are not legitimately standards-compliant Compact Discs (CDs) but are rather CD-ROM media. Therefore they all lack the CD logotype found on discs which follow the standard (known as Red Book). Therefore these CDs could not be played on all CD players. Many consumers could also no longer play purchased CDs on their computers. PCs running Microsoft Windows would sometimes even crash when attempting to play the CDs.
In 2002, Bertelsmann (comprising BMG, Arista, and RCA) was the first corporation to use DRM on audio CDs. In 2005, Sony BMG introduced new DRM technology which installed DRM software on users' computers without clearly notifying the user or requiring confirmation. Among other things, the installed software included a rootkit, which created a severe security vulnerability others could exploit. When the nature of the DRM involved was made public much later, Sony initially minimized the significance of the vulnerabilities its software had created, but was eventually compelled to recall millions of CDs, and released several attempts to patch the surreptitiously included software to at least remove the rootkit. Several class action lawsuits were filed, which were ultimately settled by agreements to provide affected consumers with a cash payout or album downloads free of DRM.
Sony's DRM software actually had only a limited ability to prevent copying, as it affected only playback on Windows computers, not on other equipment. Even on the Windows platform, users regularly bypassed the restrictions. And, while the Sony DRM technology created fundamental vulnerabilities in customers' computers, parts of it could be trivially bypassed by holding down the "shift" key while inserting the CD, or by disabling the autorun feature. In addition, audio tracks could simply be played and re-recorded, thus completely bypassing all of the DRM (this is known as the analog hole). Sony's first two attempts at releasing a patch which would remove the DRM software from users' computers failed.
In January 2007, EMI stopped publishing audio CDs with DRM, stating that "the costs of DRM do not measure up to the results."  Following EMI, Sony BMG was the last publisher to abolish DRM completely, and audio CDs containing DRM are no longer released by the four record labels.
Many online music stores employ DRM to restrict usage of music purchased and downloaded online. There are many options for consumers wishing to purchase digital music over the internet:
The various services are currently not interoperable, though those that use the same DRM system (for instance the several Windows Media DRM format stores, including Napster, Kazaa and Yahoo Music) all provide songs that can be played side-by-side through the same player program. Almost all stores require client software of some sort to be downloaded, and some also need plug-ins. Several colleges and universities, such as Rensselaer Polytechnic Institute, have made arrangements with assorted Internet music suppliers to provide access (typically DRM-restricted) to music files for their students, to less than universal popularity, sometimes making payments from student activity fee funds. One of the problems is that the music becomes unplayable after leaving school unless the student continues to pay individually. Another is that few of these vendors are compatible with the most common portable music player, the Apple iPod. The Gowers Review of Intellectual Property (to HMG in the UK; 141 pages, 40+ specific recommendations) has taken note of the incompatibilities, and suggests (Recommendations 8—12) that there be explicit fair dealing exceptions to copyright allowing libraries to copy and format-shift between DRM schemes, and further allowing end users to do the same privately. If adopted, some of the acrimony may decrease.
Although DRM is prevalent for Internet music, some online music stores such as eMusic, Dogmazic, Amazon, and Beatport, do not use DRM despite encouraging users to avoid sharing music. Another online retailer, Xiie.net, which sells only unsigned artists, encourages people to share the music they buy from the site, to increase exposure for the artists themselves. Major labels have begun releasing more online music without DRM. Eric Bangeman suggests in Ars Technica that this is because the record labels are "slowly beginning to realize that they can't have DRMed music and complete control over the online music market at the same time... One way to break the cycle is to sell music that is playable on any digital audio player. eMusic does exactly that, and their surprisingly extensive catalog of non-DRMed music has vaulted it into the number two online music store position behind the iTunes Store." Apple's Steve Jobs has called on the music industry to eliminate DRM in an open letter titled Thoughts on Music. Apple's iTunes store will start to sell DRM-free 256 kbit/s (up from 128 kbit/s) AAC encoded music from EMI for a premium price (this has since reverted to the standard price). In March 2007, Musicload.de, one of Europe's largest online music retailers, announced their position strongly against DRM. In an open letter, Musicload stated that three out of every four calls to their customer support phone service are as a result of consumer frustration with DRM.
Computer games sometimes use DRM technologies to limit the number of systems the game can be installed on by requiring authentication with an online server. Most games with this restriction allow three or five installs, although some allow an installation to be 'recovered' when the game is uninstalled. This not only limits users who have more than three or five computers in their homes (seeing as the rights of the software developers allow them to limit the number of installations), but can also prove to be a problem if the user has to unexpectedly perform certain tasks like upgrading operating systems or reformatting the computer's hard drive, tasks which, depending on how the DRM is implemented, count a game's subsequent reinstall as a new installation, making the game potentially unusable after a certain period even if it is only used on a single computer.
One of the earliest prominent uses of online-based DRM technology in a AAA title was the result of Valve's decision to bind Half-Life 2 to the Steam platform. This was met with considerable protest from the gaming community and a number of legal challenges were submitted, including consumer groups. In some cases, retail houses were required to attach labels to the front of the game's cases clearly stating that an Internet connection was required to activate the game.
In mid-2008, the publication of Mass Effect marked the start of a wave of titles primarily making use of SecuROM and Steam for DRM and requiring authentication via an online server. The use of DRM scheme in 2008's Spore backfired and there were considerable protest, resulting in a considerable number of users seeking a pirated version instead. This backlash against SecuROM was a significant factor in Spore becoming the most pirated game in 2008.
Many mainstream publishers continued to rely on online-based DRM throughout the later half of 2008 and early 2009, including Electronic Arts, Ubisoft and Atari. Ubisoft broke with the tendency to use online DRM in late 2008 with the release of Prince of Persia as an experiment to "see how truthful people really are"  regarding the claim that DRM was inciting people to use pirated copies. Although Ubisoft has not commented on the results of the 'experiment', the majority of their subsequent titles in 2009 contained no online-based DRM since the release of Prince of Persia - notable examples being Anno 1404 and James Cameron's Avatar: The Game making use of the online version of the TAGES copy protection system. An official patch has since been released stripping Anno 1404 of the DRM. Electronic Arts followed suit in June 2009 with The Sims 3, with subsequent EA and EA Sports titles also being devoid of online DRM.
Ubisoft formally anounced a return to on-line authentication on 9 February 2010 through its Uplay™ on-line gaming platform, starting with Silent Hunter V and Assassin's Creed 2. Unfortunately, Silent Hunter V was compromised within 24 hours, rendering the DRM compromised almost as soon as it was released.
Electronic books read on a personal computer or an e-book reader typically use DRM restrictions to limit copying, printing, and sharing of e-books. E-books are usually limited to a certain number of reading devices and some e-publishers prevent any copying or printing. Some commentators believe that DRM is something that makes E-book publishing complex.
Two of the most commonly used software programs to view e-books are Adobe Reader and Microsoft Reader. Each program uses a slightly different approach to DRM. The first version of Adobe Acrobat e-book Reader to have encryption technologies was version 5.05. In the later version 6.0, the technologies of the PDF reader and the e-book reader were combined, allowing it to read both DRM-restricted and unrestricted files. After opening the file, the user is able to view the rights statement, which outlines actions available for the specific document. For example, for a freely transferred PDF, printing, copying to the clipboard, and other basic functions are available to the user. However, when viewing a more highly restricted e-book, the user is unable to print the book, copy or paste selections. The level of restriction is specified by the publisher or distribution agency.
Microsoft Reader, which exclusively reads e-books in a .lit format, contains its own DRM software. In Microsoft Reader there are three different levels of access control depending on the e-book: sealed e-books, inscribed e-books and owner exclusive e-books. Sealed e-books have the least amount of restriction and only prevents the document from being modified. Therefore, the reader cannot alter the content of the book to change the ending, for instance. Inscribed e-books are the next level of restriction. After purchasing and downloading the e-book, Microsoft Reader puts a digital ID tag to identify the owner of the e-book. Therefore, this discourages distribution of the e-book because it is inscribed with the owner’s name making it possible to trace it back to the original copy that was distributed. Other e-book software uses similar DRM schemes. For example, Palm Digital Media, now known as Ereader, links the credit card information of the purchaser to the e-book copy in order to discourage distribution of the books.
The most stringent form of security that Microsoft Reader offers is called owner exclusive e-books, which uses traditional DRM technologies. To buy the e-book the consumer must first open Microsoft Reader, which ensures that when the book is downloaded it becomes linked to the computer’s Microsoft Passport account. Thus the e-book can only be opened with the computer with which it was downloaded, preventing copying and distribution of the text.
Amazon.com has remotely deleted purchased copies of George Orwell's 1984 and Animal Farm from customer's Amazon Kindles. Commenters have widely described these actions as Orwellian, and have alluded to Big Brother from Orwell's 1984. After an apology from Amazon CEO Jeff Bezos, the Free Software Foundation has written that this is just one more example of the excessive power Amazon has to remotely censor what people read through its software, and called upon Amazon to free its e-book reader and drop DRM.
Enterprise digital rights management (E-DRM or ERM) is the application of DRM technology to the control of access to corporate documents such as Microsoft Word, PDF, and AutoCAD files, emails, and intranet web pages rather than to the control of consumer media. E-DRM, now more commonly referenced as IRM (Information Rights Management), is generally intended to prevent the unauthorized use (such as industrial or corporate espionage or inadvertent release) of proprietary documents. IRM typically integrates with content management system software.
DRM has been used by organizations such as the British Library in its secure electronic delivery service to permit worldwide access to substantial numbers of rare (and in many cases unique) documents which, for legal reasons, were previously only available to authorized individuals actually visiting the Library's document centre at Boston Spa in England.
Watermarks can be used for different purposes that may include:
Watermarks are not complete DRM mechanisms in their own right, but are used as part of a system for Digital Rights Management, such as helping provide prosecution evidence for purely legal avenues of rights management, rather than direct technological restriction. Some programs used to edit video and/or audio may distort, delete, or otherwise interfere with watermarks. Signal/modulator-carrier chromatography may also separate watermarks from original audio or detect them as glitches. Use of third party media players and other advanced programs render watermarking useless. Additionally, comparison of two separately obtained copies of audio using simple, home-grown algorithms can often reveal watermarks. New methods of detection are currently under investigation by both industry and non-industry researchers.
Sometimes, metadata is included in purchased music which records information such as the purchaser's name, account information, or email address. This information is not embedded in the played audio or video data, like a watermark, but is kept separate, but within the file or stream.
As an example, metadata is used in media purchased from Apple's iTunes Store for DRM-free as well as DRM-restricted versions of their music or videos. This information is included as MPEG standard metadata. 
|Name||Used In||Date of Use||Description|
|DRM Schemes Currently in Use|
|Personal computer DRM|
|Windows Media DRM||Many Online Video Distribution Networks||1999+||WMV DRM is designed to provide secure delivery of audio and/or video content over an IP network to a PC or other playback device in such a way that the distributor can control how that content is used.|
|FairPlay||The iTunes Store, iPod||2003+||Purchased music files were encoded as AAC, then encrypted with an additional format that renders the file exclusively compatible with iTunes and the iPod. On January 6 2009, Apple announced that the iTunes Store would begin offering all songs DRM-free.|
|Helix & Harmony||Real Networks services||2003+||A DRM system from Real Networks intended to be interoperable with other DRM schemes, particularly FairPlay. Ultimately used only by Real Networks.|
|Orion/EasyLicenser ||Enterprise, business, networking, financial, telecom and consumer applications||2003+||Restriction for applications written in Java, .Net or C/C++ on Windows, Linux, Solaris and Mac|
|Excel Software ||Business, educational, government and consumer applications||2006+||Protection for Mac and Windows applications, plugins, DLLs, multimedia and documents with manual and automated activation, trial and perpetual licenses, software subscriptions, floating and dynamic licenses, network floating licenses and user friendly license release, restore, suspend and automated feature delivery.|
|Adobe Protected Streaming||Flash Video/Audio Streaming||2006+||The Media-Streams are encrypted "on the fly" by the Flash Media Server (the protocol used is rtmpe or rtmps). In addition the client player can be verified via "SWF-Verification", to make sure that only the official client can be used.|
|PlayReady||Computers, Mobile and Portable Devices||2007+||PlayReady is designed to encrypt WMA, WMV, AAC, AAC+, enhanced AAC+, and H.263 and H.264 codecs files. PlayReady is actually a new version of Windows Media DRM for Silverlight. Silverlight 2-based online content can be restricted using PlayReady and played back via the Silverlight plug-in. PlayReady is promoted by Microsoft|
|Portable device DRM|
|Janus WMA DRM||All PlaysForSure Devices||2004+||Janus is the codename for a portable version of Windows Media DRM intended portable devices.|
|OMA DRM||Implemented in over 550 phone models.||2004+||A DRM system invented by the Open Mobile Alliance to control copying of cell phone ring tones. Also used to control access to media files, such as video.|
|Storage media DRM|
|VHS Macrovision||Almost all VHS Video through the end of the 20th Century||1984+||When dubbing a Macrovision-encoded tape, a video stream which has passed through the recording VCR will become dark and then normal again periodically, degrading quality. The picture may also become unstable when darkest.|
|Content-scrambling system (CSS)||Some DVD Discs||1996+||CSS utilizes a weak, 40-bit stream cipher to actively encrypt DVD-Video.|
|DVD Region Code||Some DVD Discs||1996+||Many DVD-Video discs contain one or more region codes, marking those area[s] of the world in which playback is permitted. This restriction enforces artificial market segmentation.|
|ARccOS Protection||Some DVD Discs||1997?||Adds corrupt data sectors to the DVD, preventing computer software implementing computer standards from successfully reading the media. DVD players execute the on-disk program which skips the (corrupt) ARccOS sectors.|
|OpenMG||ATRAC audio devices (e.g., MiniDisc players), Memory Stick based audio players, AnyMusic distribution service||1999+||A proprietary DRM system invented and promoted by Sony.|
|BD+||Blu-ray Discs||2005+||A virtual machine embedded in authorized Blu-ray players that runs a security check on the playback environment to ensure that it has not been compromised. It also performs necessary descrambling of the audio/video stream on discs, allowing the content to be rendered.|
|DRM Schemes no Longer in Use|
|Extended Copy Protection||Sony and BMG CDs||2005||Also known as the 'Sony Rootkit'. Although not classified as a virus by many anti-virus software producers, it bore many virus-like and trojan-like characteristics, rendering it illegal in some places and dangerous to infected computers in all. After it became publicly known, protests and litigation resulted in withdrawal by Sony. The US litigation was settled by payment by Sony.|
|DRM Schemes Proposed|
|Internal Self Intelligence||CHRISM Software||Not quite the same as DRM, but it fits in this category. Internal software unique to each copy of a program is compiled in at the time of purchase. US Patent Office Application Number 11678137. Cracking a compiled version for the right key codes will not result in a redistributable cracked version because the internal algorithms that utilize the key codes also incorporate separate encrypted time of compile and other information, and will prevent installs after, say, 36 hours of compilation.|
Digital rights management systems have received some international legal backing by implementation of the 1996 WIPO Copyright Treaty (WCT). Article 11 of the Treaty requires nations party to the treaties to enact laws against DRM circumvention.
The WCT has been implemented in most member states of the World Intellectual Property Organization. The American implementation is the Digital Millennium Copyright Act (DMCA), while in Europe the treaty has been implemented by the 2001 European directive on copyright, which requires member states of the European Union to implement legal protections for technological prevention measures. In 2006, the lower house of the French parliament adopted such legislation as part of the controversial DADVSI law, but added that protected DRM techniques should be made interoperable, a move which caused widespread controversy in the United States.
The Digital Millennium Copyright Act (DMCA) is an amendment to United States copyright law passed unanimously on May 14, 1998, which criminalizes the production and dissemination of technology that allows users to circumvent technical copy-restriction methods. Under the Act, circumvention of a technological measure that effectively controls access to a work is illegal if done with the primary intent of violating the rights of copyright holders. (For a more detailed analysis of the statute, see WIPO Copyright and Performances and Phonograms Treaties Implementation Act.)
Reverse engineering of existing systems is expressly permitted under the Act under specific conditions. Under the reverse engineering safe harbor, circumvention necessary to achieve interoperability with other software is specifically authorized. See 17 U.S.C. Sec. 1201(f). Open-source software to decrypt content scrambled with the Content Scrambling System and other encryption techniques presents an intractable problem with the application of the Act. Much depends on the intent of the actor. If the decryption is done for the purpose of achieving interoperability of open source operating systems with proprietary operating systems, the circumvention would be protected by Section 1201(f) the Act. Cf., Universal City Studios, Inc. v. Corley, 273 F.3d 429 (2d Cir. 2001) at notes 5 and 16. However, dissemination of such software for the purpose of violating or encouraging others to violate copyrights has been held illegal. See Universal City Studios, Inc. v. Reimerdes, 111 F. Supp. 2d 346 (S.D.N.Y. 2000).
On 22 May 2001, the European Union passed the EU Copyright Directive, an implementation of the 1996 WIPO Copyright Treaty that addressed many of the same issues as the DMCA.
The DMCA has been largely ineffective in protecting DRM systems, as software allowing users to circumvent DRM remains widely available. However, those who wish to preserve the DRM systems have attempted to use the Act to restrict the distribution and development of such software, as in the case of DeCSS.
Although the Act contains an exception for research, the exception is subject to vague qualifiers that do little to reassure researchers. Cf., 17 U.S.C. Sec. 1201(g). The DMCA has had an impact on cryptography, because many fear that cryptanalytic research may violate the DMCA. The arrest of Russian programmer Dmitry Sklyarov in 2001, for alleged infringement of the DMCA, was a highly publicized example of the law's use to prevent or penalize development of anti-DRM measures. Sklyarov was arrested in the United States after a presentation at DEF CON, and subsequently spent several months in jail. The DMCA has also been cited as chilling to non-criminal inclined users, such as students of cryptanalysis (including, in a well-known instance, Professor Felten and students at Princeton), and security consultants such as the Netherlands based Niels Ferguson, who has declined to publish information about vulnerabilities he discovered in an Intel secure-computing scheme because of his concern about being arrested under the DMCA when he travels to the US.
On 25 April 2007 the European Parliament supported the first directive of EU, which aims to harmonize criminal law in the member states. It adopted a first reading report on harmonizing the national measures for fighting copyright abuse. If the European Parliament and the Council approve the legislation, the submitted directive will oblige the member states to consider a crime a violation of international copyright committed with commercial purposes. The text suggests numerous measures: from fines to imprisonment, depending on the gravity of the offense.
The EP members supported the Commission motion, changing some of the texts. They excluded patent rights from the range of the directive and decided that the sanctions should apply only to offenses with commercial purposes. Copying for personal, non-commercial purposes was also excluded from the range of the directive.
In Europe, there are several ongoing dialog activities that are characterized by their consensus-building intention:
The European Community was expected to produce a recommendation on DRM in 2006, phasing out the use of levies (compensation to rights holders charged on media sales for lost revenue due to unauthorized copying) given the advances in DRM/TPM technology. However, opposition from the member states, particularly France, have now made it unlikely that the recommendation will be adopted.
Many organizations, prominent individuals, and computer scientists are opposed to DRM. Two notable DRM critics are John Walker, as expressed for instance, in his article The Digital Imprimatur: How big brother and big media can put the Internet genie back in the bottle, and Richard Stallman in his article The Right to Read and in other public statements: "DRM is an example of a malicious feature - a feature designed to hurt the user of the software, and therefore, it's something for which there can never be toleration". Professor Ross Anderson of Cambridge University heads a British organization which opposes DRM and similar efforts in the UK and elsewhere. Cory Doctorow, a prominent writer and technology blogger, spoke on the Microsoft campus criticizing the technology, the morality, and the marketing of DRM.
There have been numerous others who see DRM at a more fundamental level. TechMediums.com argues that DRM-free music allows for viral marketing, arguing that independent artists benefit from "free marketing" and can then focus on revenues from higher margin products like merchandise and concert ticket sales. This is similar to some of the ideas in Michael H. Goldhaber's presentation about "The Attention Economy and the Net" at a 1997 conference on the "Economics of Digital Information." (sample quote from the "Advice for the Transition" section of that presentation: "If you can't figure out how to afford it without charging, you may be doing something wrong.")
The final version of the GNU General Public License version 3, as released by the Free Software Foundation, has a provision that 'strips' DRM of its legal value, so people can break the DRM on GPL software without breaking laws like the DMCA. Also, in May 2006, the FSF launched a "Defective by Design" campaign against DRM.
Creative Commons provides licensing options encouraging the expansion of and building upon creative work without the use of DRM. In addition, the use of a Creative Commons-licensed work on a device which incorporates DRM is a breach of the Baseline Rights asserted by each license.
Bill Gates spoke about DRM at CES in 2006. According to him, DRM is not where it should be, and causes problems for legitimate consumers while trying to distinguish between legitimate and illegitimate users.
According to Steve Jobs, Apple opposes DRM music after a public letter calling its music labels to stop requiring DRM on its iTunes Store. As of January 6, 2009, the iTunes Store is DRM-free for songs. However, Apple considers DRM on video content as a separate issue and has not removed DRM from all of its video catalog.
As already noted, many DRM opponents consider "digital rights management" to be a misnomer. They argue that DRM manages rights (or access) the same way prison manages freedom and often refer to it as "digital restrictions management". Alternatively, ZDNet Executive Editor David Berlind suggests the term "Content Restriction, Annulment and Protection" or "CRAP" for short.
The Norwegian Consumer rights organization "Forbrukerrådet" complained to Apple Inc. in 2007 about the company's use of DRM in, and in conjunction with, its iPod and iTunes products. Apple was accused of restricting users' access to their music and videos in an unlawful way, and of using EULAs which conflict with Norwegian consumer legislation. The complaint was supported by consumers' ombudsmen in Sweden and Denmark, and is currently being reviewed in the EU. Similarly, the United States Federal Trade Commission held hearings in March of 2009 to review disclosure of DRM limitations to customers' use of media products.
The use of DRM may also be a barrier to future historians, since technologies designed to permit data to be read only on particular machines, or with particular keys, or for certain periods, may well make future data recovery impossible — see Digital Revolution. This argument connects the issue of DRM with that of asset management and archive technology.
DRM opponents argue that the presence of DRM violates existing private property rights and restricts a range of heretofore normal and legal user activities. A DRM component would control a device a user owns (such as a Digital audio player) by restricting how it may act with regards to certain content, overriding some of the user's wishes (for example, preventing the user from burning a copyrighted song to CD as part of a compilation or a review). An example of this effect may be seen in Microsoft's Windows Vista operating system in which content is disabled or degraded depending on the DRM scheme's evaluation of whether the hardware and its use are 'secure'. All forms of DRM depend on the DRM enabled device (e.g., computer, DVD player, TV) imposing restrictions that (at least by intent) cannot be disabled or modified by the user. Key issues around digital rights management such as the right to make personal copies, provisions for persons to lend copies to friends, provisions for service discontinuance, hardware agnosticism, contracts for public libraries, and customers´ protection against one-side amendments of the contract by the publisher have not been fully addressed. It has also been pointed out that it is entirely unclear whether owners of content with DRM are legally permitted to pass on their property as inheritance to another person.
Valve Corporation President Gabe Newell also stated "most DRM strategies are just dumb" because they only decrease the value of a game in the consumer's eyes. Newell's suggests pairing DRM with "[creating] greater value for customers through service value", and stopped short of repudiating Valve's DRM system, known as Steam. However, Mr. Newell's anti-DRM rhetoric flies in the face of Steam's own copy-protection strategy, which is actually a form of DRM.
Most notably, Apple began selling "DRM-Free" music through their iTunes store in April 2007. It was later revealed that the DRM-Free iTunes files were still embedded with each user's account information, a technique called Digital watermarking generally not regarded as DRM. In January 2009, iTunes began marketing all of their songs as "DRM-Free", however iTunes continues to use DRM on movies, TV shows, ringtones, and audiobooks.
The famous cryptographer and security guru Bruce Schneier has written about the futility of digital copy prevention and says it's an impossible task. He says "What the entertainment industry is trying to do is to use technology to contradict that natural law. They want a practical way to make copying hard enough to save their existing business. But they are doomed to fail." He has also described trying to make digital files uncopyable as being like "trying to make water not wet".
Both the Association for Computing Machinery and the Institute of Electrical and Electronics Engineers have historically opposed DRM, even going so far as to name AACS as a technology "most likely to fail" in an issue of IEEE Spectrum.
There are many methods to bypass DRM control on audio and video content.
One simple method to bypass DRM on audio files is to burn the content to an audio CD and then rip it into DRM-free files. This is only possible when the software that plays these DRM-restricted audio files allows CD-burning. Some software products simplify and automate this burn-rip process by allowing the user to burn music to a CD-RW disc or to a Virtual CD-R drive, then automatically ripping and encoding the music, and automatically repeating this process until all selected music has been converted, rather than forcing the user to do this one CD (72–80 minutes worth of music) at a time.
Many software programs have been developed that intercept the data stream as it is decrypted out of the DRM-restricted file, and then use this data to construct a DRM-free file. These programs require a decryption key. Programs that do this for DVDs, HD DVDs, and Blu-ray Discs include universal decryption keys in the software itself. Programs that do this for TiVo ToGo recordings, iTunes audio, and PlaysForSure songs, however, rely on the user's own key — that is, they can only process content that the user has legally acquired under his or her own account.
Another method is to use software to record the signals being sent through the audio or video cards, or to plug analog recording devices into the analog outputs of the media player. These techniques utilize the so-called "analog hole" (see below).
All forms of DRM for audio and visual material (excluding interactive materials, e.g. videogames) are subject to the analog hole, namely that in order for a viewer to play the material, the digital signal must be turned into an analog signal containing light and/or sound for the viewer, and so available to be copied as no DRM is capable of controlling content in this form. In other words, a user could play a purchased audio file while using a separate program to record the sound back into the computer into a DRM-free file format.
All DRM to date can therefore be bypassed by recording this signal and digitally storing and distributing it in a non DRM limited form, by anyone who has the technical means of recording the analog stream. However the conversion from digital to analog and back is likely to force a loss of quality, particularly when using lossy digital formats. HDCP is an attempt to restrict the analog hole, although it is largely ineffective.
Asus released a soundcard which features a function called "Analog Loopback Transformation" to bypass the restrictions of DRM. This feature allows the user to record DRM-restricted audio via the soundcard's built-in analog I/O connection.
Many of the DRM systems in use are designed to work on general purpose computing hardware, such as desktop PCs apparently because this equipment is felt to be a major contributor to revenue loss from disallowed copying. Large commercial copyright infringers ("pirates") avoid consumer equipment, so losses from such infringers will not be covered by such provisions.
It has been hypothesized that such schemes, especially software based ones, can never be wholly secure since the software must include all the information necessary to decrypt the content, such as the decryption keys. An attacker will be able to extract this information, directly decrypt and copy the content, which bypasses the restrictions imposed by a DRM system.
Many DRM schemes use encrypted media which requires purpose-built hardware to hear or see the content. This appears to ensure that only licensed users (those with the hardware) can access the content. It additionally tries to protect a secret decryption key from the users of the system.
While this in principle can work, it is extremely difficult to build the hardware to protect the secret key against a sufficiently determined adversary. Many such systems have failed in the field. Once the secret key is known, building a version of the hardware that performs no checks is often relatively straightforward. In addition user verification provisions are frequently subject to attack, pirate decryption being among the most frequented ones.
A common real-world example can be found in commercial direct broadcast satellite television systems such as DirecTV. The company uses tamper-resistant smart cards to store decryption keys so that they are hidden from the user and the satellite receiver. However, the system has been compromised in the past, and DirecTV has been forced to roll out periodic updates and replacements for its smart cards.
Watermarks can very typically be removed, although degradation of video or audio can occur. In particular, lossy compression methods only retain perceptible features of an image, and if the watermarks are invisible, they are typically removed by compression systems as a side-effect.
Mass piracy of hard copies does not necessarily need DRM to be decrypted or removed, as it can be achieved by bit-perfect copying of a legally obtained medium without accessing the decrypted content. Additionally, still-encrypted disk images can be distributed over the Internet and played on legitimately licensed players. Other copy protection methods, such as specific data layout on the medium, perform better in this area.
When standards and formats change, it may be difficult to transfer DRM-restricted content to new media. Additionally, any system that requires contact with an authentication server is vulnerable to that server becoming unavailable, as happened in 2007 when videos purchased from Major League Baseball (mlb.com) prior to 2006 became unplayable due to a change to the servers that validate the licences.
Microsoft Zune - When Microsoft introduced their Zune media player in 2006, it did not support content that uses Microsoft's own PlaysForSure DRM scheme they had previously been selling. The EFF calls this "a raw deal".
MSN Music - In April 2008, Microsoft sent an email to former customers of the now-defunct MSN Music store: "As of August 31, 2008, we will no longer be able to support the retrieval of license keys for the songs you purchased from MSN Music or the authorization of additional computers. You will need to obtain a license key for each of your songs downloaded from MSN Music on any new computer, and you must do so before August 31, 2008. If you attempt to transfer your songs to additional computers after August 31, 2008, those songs will not successfully play."
However, to avoid a public relations disaster, Microsoft re-issued MSN Music shutdown statement on June 19th and allowed the users to use their licenses until the end of 2011: "After careful consideration, Microsoft has decided to continue to support the authorization of new computers and devices and delivery of new license keys for MSN Music customers through at least the end of 2011, after which we will evaluate how much this functionality is still being used and what steps should be taken next to support our customers. This means you will continue to be able to listen to your purchased music and transfer your music to new PCs and devices beyond the previously announced August 31, 2008 date."
Yahoo! Music Store - On July 23, 2008, the Yahoo! Music Store emailed its customers to tell them it will be shutting down effective September 30, 2008 and the DRM license key servers will be taken offline.
Walmart - In August 2007, Walmart's online music division started offering (DRM-free) MP3s as an option. Starting in February 2008, they made all sales DRM-free. On September 26, 2008, the Walmart Music Team notified its customers via email they would will be shutting down their DRM servers October 9, 2008 and any DRM-encumbered music acquired from them will no longer be accessible unless ripped to a non-DRM format before that date.
After bad press and negative reaction from customers, on October 9, 2008, Walmart decided not to take its DRM servers offline. 
Fictionwise / Overdrive - In January 2009, OverDrive informed Fictionwise that they would no longer be providing downloads for purchasers of e-books through Fictionwise as of 31 January 2009. No reason was provided to Fictionwise as to why they were being shut down. This prevents previous purchasers from being able to renew their books on new devices. Fictionwise is working to provide replacement ebooks for its customers in alternative, non-DRM formats, but does not have the rights to provide all of the books in different formats.
Ads for Adobe PDF - Also in January 2009, Adobe Systems announced that as of March 2009 they would no longer operate the servers that served ads to their PDF reader. Depending on the restriction settings used when PDF documents were created, they may no longer be readable.
A very early implementation of DRM was the Software Service System (SSS) devised by the Japanese engineer Ryoichi Mori in 1983 and subsequently refined under the name superdistribution. The SSS was based on encryption, with specialized hardware that controlled decryption and also enabled payments to be sent to the copyright holder. The underlying principle of the SSS and subsequently of superdistribution was that the distribution of encrypted digital products should be completely unrestricted and that users of those products would not just be permitted to redistribute them but would actually be encouraged to do so.
Some people do not like Digital Rights Management. They think that DRM makes copying harder than copyright laws allow. A group named the Free Software Foundation suggested that "Digital Restrictions Management" is a better name.
People can break DRM. If someone breaks a DRM technology then copying is possible. All widely used DRM technologies have been broken. Making a DRM technology that can not be broken is very hard. Some people say that all DRM technologies in the future will be broken. In the United States it is not legal to break a DRM.