The EFF’s Parker Higgins makes the case that DRM in general makes us less secure,
But while it may not be as intuitive yet, DRM on digital media that you don’t own is also a major threat. Whether it’s books from the public library, streaming songs from Spotify, or TV shows from Netflix, wrapping media in DRM software—especially when it brings with it a cloud of legal uncertainty—is not just a bad way to enforce license contracts; it’s also a danger to our rights and our security.
That’s because DRM in any form requires us to give up control over our own devices to the companies distributing the media. That proposition ranges from unpalatable on a gaming console, to repulsive on laptops and phones loaded with sensors and personal info, to truly alarming when those computers are embedded in machines we trust with our safety.
These aren’t speculative possibilities, either; in the most recent round of rulemaking on DRM-enforcement laws, EFF requested (and was granted) an exemption for security research on the computers in cars. Just last month we filed a complaint with the FDA about DRM restrictions inmedical devices. The threat of a DRM “lockdown” of our critical devices, forcing us to give up ownership of our technology in the misguided pursuit of limiting copies or enforcing contractual limitations, is very real, and only getting more so.
Those problems are fundamental to DRM and the legal and technical structures that support it. They are just as pronounced when the DRM is designed to enforce unacceptable limitations on ownership as when they hew closely to agreed-upon restrictions. Even if we never encounter the device that won’t play our music or the video game that stops working when the DRM servers shut down, we still give up something crucially important when we allow media to come wrapped in unaccountable software.