Presentation is loading. Please wait.

Presentation is loading. Please wait.

Who benefits from stronger Digital Rights Management? Ross Anderson Cambridge University and Foundation for Information Policy Research.

Published byRegina Brumagin Modified over 10 years ago

Similar presentations

Presentation on theme: "Who benefits from stronger Digital Rights Management? Ross Anderson Cambridge University and Foundation for Information Policy Research."— Presentation transcript:

1 Who benefits from stronger Digital Rights Management? Ross Anderson Cambridge University and Foundation for Information Policy Research

2 Economics and Security Over the last five years, we’ve started to apply economic analysis to information security Over the last five years, we’ve started to apply economic analysis to information security Economic analysis often explains security failure better! Bank customers suffer when bank systems allow fraud, patients suffer when hospital systems break privacy Economic analysis often explains security failure better! Bank customers suffer when bank systems allow fraud, patients suffer when hospital systems break privacy People who can protect a system are often not the people who suffer when it’s hacked People who can protect a system are often not the people who suffer when it’s hacked And information security mechanisms are used increasingly to support business models rather than manage risk And information security mechanisms are used increasingly to support business models rather than manage risk

3 New Uses of Infosec Xerox started using authentication in ink cartridges to tie them to the printer. Followed by HP, Lexmark and others Xerox started using authentication in ink cartridges to tie them to the printer. Followed by HP, Lexmark and others Motorola started authenticating batteries to mobile phones Motorola started authenticating batteries to mobile phones BMW now has a prototype car that authenticates its major components BMW now has a prototype car that authenticates its major components Increasingly crypto is used to lock customers in, tie products, bundle services, enforce cross- subsidies and rig markets generally Increasingly crypto is used to lock customers in, tie products, bundle services, enforce cross- subsidies and rig markets generally Now ‘Trusted Computing’ will deepen this Now ‘Trusted Computing’ will deepen this

4 What’s Software Worth? The value of a software company is the total switching costs of all its customers The value of a software company is the total switching costs of all its customers E.g., law firm with 100 fee earners paying £500 a seat for Office -> it would cost £50K to retrain everyone to use OpenOffice, convert files etc E.g., law firm with 100 fee earners paying £500 a seat for Office -> it would cost £50K to retrain everyone to use OpenOffice, convert files etc In software, lock-in plays the role that patents do in the drug industry In software, lock-in plays the role that patents do in the drug industry Same holds for many other online services Same holds for many other online services

5 Rights Management and Competition IRM – Information Rights Management – changes ownership of a file from the machine owner to the file creator IRM – Information Rights Management – changes ownership of a file from the machine owner to the file creator Files are encrypted and associated with rights management information Files are encrypted and associated with rights management information The file creator can specify that a file can only be read by Mr. X, and only till date Y The file creator can specify that a file can only be read by Mr. X, and only till date Y Now shipping in Office 2003 Now shipping in Office 2003 What will be the effect on the typical business that uses PCs? What will be the effect on the typical business that uses PCs?

6 TC (Trusted / Trustworthy / Treacherous Computing) ‘ Trusted Computing Group’ (TCG) redsigning PCs to give better support to DRM, to the IRM mechanisms in Office 2003, to online software registration etc ‘ Trusted Computing Group’ (TCG) redsigning PCs to give better support to DRM, to the IRM mechanisms in Office 2003, to online software registration etc Idea – put a TPM (smartcard) chip in every PC motherboard, PDA, mobile phone Idea – put a TPM (smartcard) chip in every PC motherboard, PDA, mobile phone This will do remote attestation of what the machine is and what software it’s running This will do remote attestation of what the machine is and what software it’s running On top of this will be layers of software providing new security functionality, of a kind that would otherwise be easily circumvented On top of this will be layers of software providing new security functionality, of a kind that would otherwise be easily circumvented

7 Why is Microsoft so Keen? At present, a company with 100 PCs pays maybe £500 per seat for Office At present, a company with 100 PCs pays maybe £500 per seat for Office Remember – value of software company = total switching costs Remember – value of software company = total switching costs So – cost of retraining everyone to use Linux, converting files etc is maybe £50,000 So – cost of retraining everyone to use Linux, converting files etc is maybe £50,000 But once many of the documents can’t be converted without the creators’ permission, the switching cost is much higher But once many of the documents can’t be converted without the creators’ permission, the switching cost is much higher Bill: ‘we came to this thinking about music but then realised documents and email were much more interesting’ Bill: ‘we came to this thinking about music but then realised documents and email were much more interesting’

8 Strategic Issues Who will control users’ data? Who will control users’ data? Microsoft view – everything will be on an MS platform (your WP files, presentations, address book, pictures, movies, music) Microsoft view – everything will be on an MS platform (your WP files, presentations, address book, pictures, movies, music) European Commission view – this is illegal! – orders MS to unbundle Media Player European Commission view – this is illegal! – orders MS to unbundle Media Player The struggle continues, with TC, the Vista file system, … The struggle continues, with TC, the Vista file system, …

9 Rights Management and the Music Industry What happens when you link a concentrated industry (platforms) with a less concentrated industry (music)? What happens when you link a concentrated industry (platforms) with a less concentrated industry (music)? Varian (Jan 2005) – most of the resulting surplus goes to the platform owner Varian (Jan 2005) – most of the resulting surplus goes to the platform owner Music industry was scornful – but by July were worried and are now panicking Music industry was scornful – but by July were worried and are now panicking Musicians saw fee per single fall from 34p to 3p – and are now cutting out the majors Musicians saw fee per single fall from 34p to 3p – and are now cutting out the majors

10 Competitive Issues Microsoft taught the industry the benefits of controlling all user data Microsoft taught the industry the benefits of controlling all user data TC will help spread this model from the PC to PDAs, phones, music systems, … TC will help spread this model from the PC to PDAs, phones, music systems, … At present, there are many petabytes of ‘free’ data for new apps to use (I.e., your data) At present, there are many petabytes of ‘free’ data for new apps to use (I.e., your data) In future, apps can use TC mechanisms to lock in users by locking down their data In future, apps can use TC mechanisms to lock in users by locking down their data The software industry will become much less dynamic, more like a ‘normal’ industry - at a cost in growth and jobs (especially in LDCs) The software industry will become much less dynamic, more like a ‘normal’ industry - at a cost in growth and jobs (especially in LDCs)

11 Competitive Issues (2) Sony model – subsidize hardware from software Sony model – subsidize hardware from software 2007 – a PC costs $399 in Walmart, a TC $299 2007 – a PC costs $399 in Walmart, a TC $299 2009 – $29.95 a month buys an Office Plan with unlimited Word and Excel, and 500 Powerpoint minutes per month. The hardware comes free 2009 – $29.95 a month buys an Office Plan with unlimited Word and Excel, and 500 Powerpoint minutes per month. The hardware comes free What’s the effect on free software? What’s the effect on free software? What’s the effect on law enforcement? What’s the effect on law enforcement? What’s the effect on the Internal Market? What’s the effect on the Internal Market? And on the pervasive computing future??? And on the pervasive computing future???

12 The Information Society More and more goods contain software More and more goods contain software More and more industries are starting to become like the software industry More and more industries are starting to become like the software industry The good: flexibility, rapid response The good: flexibility, rapid response The bad: frustration, poor service The bad: frustration, poor service The ugly: monopolies The ugly: monopolies How will the law evolve to cope? How will the law evolve to cope?

13 Property The enlightenment idea – that the core mission of government wasn’t defending faith, but defending property rights The enlightenment idea – that the core mission of government wasn’t defending faith, but defending property rights 18th-19th century: rapid evolution of property and contract law 18th-19th century: rapid evolution of property and contract law Realization that these are not absolute! Realization that these are not absolute! Abolition of slavery, laws on compulsory purchase, railway regulation, labour contracts, tenancy contracts, … Abolition of slavery, laws on compulsory purchase, railway regulation, labour contracts, tenancy contracts, …

14 Intellectual Property Huge expansion as software etc have become more important – 7+ directives since 1991 Huge expansion as software etc have become more important – 7+ directives since 1991 As with `ordinary’ property and contract in about 1850, we’re hitting serious conflicts As with `ordinary’ property and contract in about 1850, we’re hitting serious conflicts Competition law – legal protection of DRM mechanisms leads to enforcement of illegal contracts and breaches of the Treaty of Rome; judgment against Microsoft Competition law – legal protection of DRM mechanisms leads to enforcement of illegal contracts and breaches of the Treaty of Rome; judgment against Microsoft Environmental law – recycling of ink cartridges mandated, after printer vendors use crypto to stop it Environmental law – recycling of ink cartridges mandated, after printer vendors use crypto to stop it

15 Intellectual Property (2) Privacy law – DRM mechanisms collect usage data to segment markets Privacy law – DRM mechanisms collect usage data to segment markets Trade law – exemption for online services may undermine the Single Market Trade law – exemption for online services may undermine the Single Market Employment law – French courts strike down a major’s standard record contract Employment law – French courts strike down a major’s standard record contract IPR Enforcement Directive 2 – will criminalize patent infringement and incitement to infringe IP, unlike in the USA where the BSA is pushing for reduced civil damages in patent cases IPR Enforcement Directive 2 – will criminalize patent infringement and incitement to infringe IP, unlike in the USA where the BSA is pushing for reduced civil damages in patent cases With IPRED 1 and Lexmark, it could make the EU more hostile to technology and innovation than America With IPRED 1 and Lexmark, it could make the EU more hostile to technology and innovation than America

16 Conclusions More government involvement in infosec, and related issues such as DRM, is inevitable More government involvement in infosec, and related issues such as DRM, is inevitable However, policy is often confused and contradictory at all levels However, policy is often confused and contradictory at all levels We need to figure out how to balance competing social goals, as we have in the physical world, and underpin that balance with legislation We need to figure out how to balance competing social goals, as we have in the physical world, and underpin that balance with legislation And we mustn’t end up being more hostile to technology business than the USA And we mustn’t end up being more hostile to technology business than the USA Mature economic analysis is essential! Mature economic analysis is essential!

17 More … WEIS 2006 (Workshop on Economics and Information Security), Cambridge, June 26-28 2006 WEIS 2006 (Workshop on Economics and Information Security), Cambridge, June 26-28 2006 Economics and Security Resource Page – www.cl.cam.ac.uk/~rja14/econsec.html (or follow link from my home page) Economics and Security Resource Page – www.cl.cam.ac.uk/~rja14/econsec.html (or follow link from my home page) www.cl.cam.ac.uk/~rja14/econsec.html Foundation for Information Policy Research – www.fipr.org Foundation for Information Policy Research – www.fipr.orgwww.fipr.org

Download ppt "Who benefits from stronger Digital Rights Management? Ross Anderson Cambridge University and Foundation for Information Policy Research."

Similar presentations

IT: Communication and Impacts

IT: Communication and Impacts
ORGANISATION FOR ECONOMIC CO-OPERATION AND DEVELOPMENT ORGANISATION DE COOPÉRATION ET DE DEVELOPMENT ÉCONOMIQUES OECDOCDE 1 Entrepreneurship International.

ORGANISATION FOR ECONOMIC CO-OPERATION AND DEVELOPMENT ORGANISATION DE COOPÉRATION ET DE DEVELOPMENT ÉCONOMIQUES OECDOCDE 1 Entrepreneurship International.
Using Information at the University University Secretarys Office

Using Information at the University University Secretarys Office
ON-LINE INFRINGEMENT OF MUSICAL COPYRIGHT: THE UK LEGAL PERSPECTIVE Presentation to British Computer Society Seminar on “IT’s Music Industry” on 18 October.

ON-LINE INFRINGEMENT OF MUSICAL COPYRIGHT: THE UK LEGAL PERSPECTIVE Presentation to British Computer Society Seminar on “IT’s Music Industry” on 18 October.
Vista, TC and Competition Policy Ross Anderson Cambridge University and Foundation for Information Policy Research.

Vista, TC and Competition Policy Ross Anderson Cambridge University and Foundation for Information Policy Research.
Competition and ‘Trusted Computing’ Ross Anderson Cambridge University and Foundation for Information Policy Research.

Competition and ‘Trusted Computing’ Ross Anderson Cambridge University and Foundation for Information Policy Research.
The Role of Government in Our Economy

The Role of Government in Our Economy
My name is Andrew Kendall - I am the StFX Industry Liaison Officer.

My name is Andrew Kendall - I am the StFX Industry Liaison Officer.
PRESENTED BY ELISE BAUN UNIVERSITY OF CONNECTICUT SCHOOL OF LAW Hargreaves’ Report and The Digital Copyright Exchange.

PRESENTED BY ELISE BAUN UNIVERSITY OF CONNECTICUT SCHOOL OF LAW Hargreaves’ Report and The Digital Copyright Exchange.
Lecture 19 Page 1 CS 111 Online Protecting Operating Systems Resources How do we use these various tools to protect actual OS resources? Memory? Files?

Lecture 19 Page 1 CS 111 Online Protecting Operating Systems Resources How do we use these various tools to protect actual OS resources? Memory? Files?
Vivien Irish, Patent Attorney, WIPO and TPI, January 2005 Copyright and related issues for SMEs Vivien Irish Consultant Patent Attorney.

Vivien Irish, Patent Attorney, WIPO and TPI, January 2005 Copyright and related issues for SMEs Vivien Irish Consultant Patent Attorney.
China on the way to a high-technology country: The legal policy perspective Stefan Luginbuehl Lawyer, International Legal Affairs.

China on the way to a high-technology country: The legal policy perspective Stefan Luginbuehl Lawyer, International Legal Affairs.
Slides prepared by Cyndi Chie and Sarah Frye1 A Gift of Fire Third edition Sara Baase Chapter 4: Intellectual Property.

Slides prepared by Cyndi Chie and Sarah Frye1 A Gift of Fire Third edition Sara Baase Chapter 4: Intellectual Property.
The Economics of Information Security: A Survey and Open Questions Ross Anderson, Tyler Moore Cambridge University.

The Economics of Information Security: A Survey and Open Questions Ross Anderson, Tyler Moore Cambridge University.
Security Economics Ross Anderson Cambridge University.

Security Economics Ross Anderson Cambridge University.
Security Economics Ross Anderson Cambridge University.

Security Economics Ross Anderson Cambridge University.
W15D3. Protection (recap) Common sense Antivirus software (some free, eg: AVG) Update OS Verify the validity of info in e-mails received  Use search.

W15D3. Protection (recap) Common sense Antivirus software (some free, eg: AVG) Update OS Verify the validity of info in s received  Use search.
Economics of Dependability and Security Economics of Dependability and Security Ross Anderson Cambridge University.

Economics of Dependability and Security Economics of Dependability and Security Ross Anderson Cambridge University.
The Economics of Information Security Ross Anderson Cambridge University.

The Economics of Information Security Ross Anderson Cambridge University.
Information Society – Future Prospects Ross Anderson Cambridge University and Foundation for Information Policy Research.

Information Society – Future Prospects Ross Anderson Cambridge University and Foundation for Information Policy Research.

Similar presentations

Ads by Google