Legal perspective

Although rights holders expected DRM to prevent privacy, many of the DRM systems were hacked (Hauser and Wenz 2003). It was believed that criminalization of profit-driven hacking can be effective in increasing the cost of hacking and

therefore reducing its quantity (Leeson and Coyne 2005). In response to the industrial concerns regarding the vulnerability of DRM technology to hacking, policy makers started to address them into the law. In 1996, member states of the World Intellectual Property Organization (WIPO) signed and adopted the WIPO Copyright Treaty (WIPO 1996). WIPO (1996) stated “Contracting Parties shall provide adequate legal protection and effective legal remedies against the circumvention of effective technological measures that are used by authors in connection with the exercise of their rights under this Treaty or the Berne Convention and that restrict acts, in respect of their works, which are not authorized by the authors concerned or permitted by law.” As a consequence, member states started to implement necessary legislation to comply with the WIPO treaty. For example, Digital Millennium Copyright Act (DMCA 1998), as the US implementation of WIPO copyright treaty, was enacted in 1998. In the European Union, Directive 2001/29/EC, also known as European Union Copyright Directive (EUCD), was adopted in 2001.

As Samuelson (2003) summarized, DMCA in Section 1201 prohibits both the circumvention of the technological measures that protect a copyrighted work or controls access to the work; and the manufacture, distribution, or trafficking of technologies primarily designed or produced to circumvent those technological measures. DRM systems as a part of technological measures that control access to protected content are therefore protected by DMCA. However, DMCA not only protects DRM systems against piracy but also turns DRM systems into effective means of governing the use of copyrighted works in digital format (Elkin-Koren 2007). Any attempts to consume the content not allowed by the DRM system are illegal even for the consumers with legal purchase. For example, Mulligan et al. (2003 Oct) explained how simply sharing a subscription account with another person could potentially violate DMCA. Liu (2013) discussed how DMCA raises additional barriers to the encryption research even though an exemption for such research was presented in DMCA. Elkin-Koren (2007) elaborated on how DMCA was used to compromise consumers’ freedom with the Lexmark and Chamberlain case. The fundamental question is whether consumers are entitled to any other usage rights than the purchased rights governed by DRM systems. The answer resides in fair use

exemption for unauthorized use of the courts, and therefore enhances flexibility to react to unforeseen challenges that fair use faces when new technological development impacts the copyright system. Burk and Cohen (2001) presented how fair use had performed a variety of social functions within the policy framework of copyright law before DMCA came, and how fair use was not properly reflected in DMCA. Mulligan et al. (2003) believed that fair use exceptions in U.S. copyright law were being undermined by rules that DRM and DMCA enforce which reflects the exclusive interest of rights holder alone. Armstrong (2006) explained how DMCA allows DRM systems to override the fair use doctrine and to change the user experiences that customers are used to before DRM came.

EUCD resembles DMCA in many ways as both are inspired by the corresponding provisions of the WIPO Treaties of 1996 (Fallenbock 2002). As stated in Article 6 in Directive 2001/29/EC (2001), EUCD also requests member states to provide legal protection against the circumvention of technological measures as well as the manufacture, distribution, trafficking of devices, products or components or the provisions of services which are primarily promoted or designed for enabling or facilitating the circumvention of any effective technological measures that prevent or restrict unauthorized access to copyrighted works. Besides the commonality shared between EUCD and DMCA, Dusollier (2003) believed DMCA addresses fair use to a limited extent with a reactive approach to defining a number of exemptions out of scope of legal protection, while EUCD prefers a proactive approach by requesting rights holders to make available the means of benefiting from those exceptions or limitations related to fair use. On the other hand, Senftleben (2010) argued that EUCD failed to offer member states either legal certainty or sufficient flexibility towards fair use doctrine. Hugenholtz and Senftleben (2011) demonstrated how the lack of flexibility in EUCD has caused struggling in courts from several member states when certain fair use is not explicitly recognized in the law. Brown (2003) demonstrated the inconsistency in dealing with interoperability and research related issues among the EUCD implementations from different European countries.

It seems that the fair use doctrine is a delicate balance between freedom and protection inherent in copyright law (Senftleben 2010). Therefore, DRM systems should embrace fair use. Burk and Cohen (2001) proposed a mixed fair use infrastructure with the automatic mechanism as first layer support in domestic DRM system to grant rights in primitive cases of fair use and a mediation mechanism as second layer support with a trusted third party to grant rights in advanced cases of fair use. Armstrong (2006) attempted to enhance the offline experiences of fair use

in Burk and Cohen’s proposal with a rights assertion framework accompanied with identity escrow. Armstrong (2006) explained the conflict of interests in the case of allowing copyright holders to decide whether to grant a set of usage rights for fair uses to the customers. Therefore, granting a disinterested party, such as the government, the authority to authorize requested fair uses could be a preferable solution. In such case, it seems inevitable to allow the DRM system of the disinterested party to interoperate with the DRM system that the copyright holder chooses to enforce purchased rights. Also, Mulligan et al. (2003) believed that allowing rights to be transferred is clearly one step toward better alignment with personal use expectations which includes fair use. DRM interoperability could be a preliminary requirement for a DRM solution that truly embraces fair use.