p2pnet.net News:- World governments shouldn’t trust Trusted Computing (TC) or DRM, says New Zealand’s State Services Commission (SSC), we posted yesterday, going on:

“Accordingly, it’s invited administrations around the world to share, peer-to-peer, special policies and principles it’s drawn up to make sure TC and Digital Restrictions Management applications don’t interfere with, or compromise, information security.”

But Cory Doctorow has serious concerns and on Boing Boing said:

The principles describe a theoretical DRM that governments could use without threatening their own security, ongoing access to information, archiving and public privacy.

They suggest that DRM vendors should be forced to disclose all the workings of their DRMs, limit the way that their DRMs communicate with the rest of the world, work even when the Internet is down or the vendor’s gone out of business, and so on.

They also call for the creation of a Ministry of DRM that keeps keys and master documents for everything the government puts under DRM, and suggests that this ministry should police all DRM use within government.

One thing that’s notable by its absence is any discussion of DRM and open source. While New Zealand’s official policy is to encourage the use of open source in government, the consultation (which was fed by MIcrosoft, HP and IBM) makes no mention of the disastrous impact of DRM on open source.

DRM relies on its owners not knowing how it works and not being able to change how it works. If I give you a song that can only be played on five computers, it defeats the point if you can change that to 50,000 computers. But the point of open source is that it is better for society, individuals, and competition if anyone who cares to can discover how her tools work, improve those tools, and publish her improvements.

By deciding that it will accept DRM over its threshold — instead of using traditional proven security and open standards — the New Zealand government is setting up a situation where New Zealanders and NZ businesses will have to license software from foreign software companies before they can do business with government.

If you’re an NZ programmer and want to make software to help your neighbors work with the documents that your government publishes, getting into the DRM will require you to close your source, license secrets from foreign DRM vendors, and submit to a “compliance” system that makes sure your work meets the business-priorities of foreign companies.

In a follow-up post today, Doctorow writes:

New Zealand government officials have responded to my criticism of their newly released national DRM strategy — their strategy for government adoption and use of technology that prevents copying and unauthorized use.

These technologies aren’t fit for government use, for a number of reasons. Today, for example, whistle-blowers in government can take official documents that show malfeasance to an ombudsman or the press or their boss. Under the NZ proposal, they’ll have to take their request for leaking sensitive information to a Ministry of DRM that will evaluate their request and determine whether to allow the disclosure. Even if you believe that such a Ministry would be efficient, honest, and even-handed, there’s an undeniable chilling-effect inherent in having to approach a government ministry before releasing material that’s damaging to the government.

Other problems abound, but the gravest is the harm to open source. Open source technology is technology that can be understood, modified, improved and re-published by its user. This methodology has produced the best server OS on the planet (GNU/Linux), the best browser (Firefox), the best mail-server, web-server, video-player, and so on. It’s critical to security research, to development strategies for poor countries and rich, for education and for democracy.

But open source and DRM can’t peacefully co-exist. As I wrote on Monday:

DRM relies on its owners not knowing how it works and not being able to change how it works. If I give you a song that can only be played on five computers, it defeats the point if you can change that to 50,000 computers. But the point of open source is that it is better for society, individuals, and competition if anyone who cares to can discover how her tools work, improve those tools, and publish her improvements.

Rob O’Neill from ZDNet Australia asked an NZ government spokesman for comment on this, and got this reply: “DRM on its own largely depends on users not being able to see how it works, but when combined with trusted computing it is possible to create DRM schemes where people know how they work but can’t circumvent them.”

This is nonsense. Yes, with trusted computing, you could have a DRM program where the source was available, but which would refuse to run if you changed it, but to say that that makes DRM safe for open source is to miss the point entirely.

Open source works not merely because the source is published. Critical to open source is the ability to modify, improve and republish the tools you use. Under the scheme described by the nameless government apparat quoted above, open source authors would need a separate license to modify, improve, and republish open source tools.

But that’s just proprietary software by another name: by that definition, Microsoft Windows is open source, since you can theoretically get a license from Microsoft to modify and re-publish its products. The point of open source is that no further permission is ever needed to make open source tools better. The NZ proposal is one in which improvements can only ever come with permission from DRM consortia, which are universally — to a one — dominated by American companies.

It would be a terrible betrayal for NZ to adopt a policy where its NZ programmers needed to seek permission from American companies in order to make tools that read, manipulated, and made available documents produced the NZ government, at NZ taxpayers’ expense.

Also See:
posted yesterday – Don’t trust ‘trusted computing’, September 6, 2006
Boing Boing – New Zealand wants a Ministry of DRM, September 5, 2006
follow-up post – New Zealand redefines open source as “code you can’t modify”, September 7, 2006

---

p2pnet newsfeeds for your site.
rss feed: http://p2pnet.net/p2p.rss
Mobile – http://p2pnet.net/index-wml.php

This entry was posted on Thursday, September 7th, 2006 at 1:58 pm and is filed under Uncategorized. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

HOME

Viewed 1578 times