• Print

"Lightweight" DRM isn't the answer

O'Reilly responds to the IDPF's request for comments on a new form of DRM.

To: Bill McCoy, IDPF Executive Director
From: Joe Wikert, GM & Publisher, O’Reilly Media, Inc.
Subject: “Lightweight” DRM Isn’t the Answer

The world doesn’t need another DRM platform, regardless of whether it’s called “lightweight.” DRM is annoying for customers and provides a false sense of security for publishers. As author Charlie Stross wisely stated, publishing’s “pig-headed insistence on DRM on ebooks is handing Amazon a stick with which to beat them harder.”

I realize your proposed solution is intended to become an industry standard and prevent the type of lock-in Stross describes. Let’s face facts though. Amazon doesn’t use the EPUB format and their current market dominance means they’re the least likely player to advocate an open, interoperable solution like this. And since Amazon owns approximately 60-70% of the ebook market, your proposed standard would only apply to the remaining 30-40%.

Why would anyone want to develop yet another DRM option for, at best, 30-40% of the market?

More importantly, why do you want to give the publishing industry another distraction and reinforce that false sense of security when we’re finally seeing movement towards a DRM-free world?

We’ve been very open about the success of our DRM-free approach at O’Reilly Media. One simple guiding principle led us to being DRM-free: We trust our customers. We get plenty of compliments from those customers throughout the year and it’s clear our trust has created goodwill with them. After spending years touting the benefits of being DRM-free it’s encouraging to see others adopting the same approach, including Tor, a Big Six imprint. O’Reilly has long maintained that the costs of DRM — even lightweight DRM — far outweigh any potential benefits. Our position has not changed since Tim wrote “Piracy is Progressive Taxation, and Other Thoughts on the Evolution of Online Distribution” back in 2002.

If the IDPF really wants to make an impact on this issue I suggest you forget about creating another form of DRM and instead spend time educating publishers and retailers on the virtues of going DRM-free. Besides the obvious benefits to customers this could also lead to the end of Amazon’s big stick that Charlie Stross says we’re all getting hit with.

Once we’ve completely eradicated DRM perhaps the IDPF could offer their own mobi-to-EPUB conversion and sideloading tools for consumers to further level the ebook playing field. That would be a much better use of IDPF resources than any DRM project could ever be.


tags: , , , ,

Comments: 15

  1. With respect:

    The world doesn’t need another DRM solution – it needs THE DRM solution for eBooks – LCP

    Don’t assume Amazons current market share defines its future market share
    – especially if there is an open, non-proprietary, DRM alternative that doesn’t lock us in to a retailer for our books
    – the only value add Amazon provides to us is DRM distribution. And they charge us 30-70% for this.
    – Not providing LCP will do far more for supporting monopolistic eBook platforms than providing LCP will
    Using words like “pig-headed” is cute marketing but may be ignoring reality and doesn’t add to the discussion.
    – and the same could probably be said about DRM-free advocates
    – intimating that publishers who use DRM believe their customers are untrustworthy is insulting to both parties
    – the usual DRM-free analysis seems to ignore use cases other than intentional theft by customers
    I respect what O’Reilly has done and am one of those happy customers; but:
    – your market is not everyone’s market
    – your customers are not everyone’s customers
    – your and your customers’ use cases and threats are not the same as everyone else’s
    – don’t assume that your business case works for everyone else
    The IDPF should not focus any resources on negative activities such as:
    – targeting a particular vendor, irrespective of whether its the Amazon Kindle, Adobe ACS, Apple IOS, or whatever
    – limiting freedom of choice for businesses by NOT supporting open standards-based LCP distribution models
    The IPDF should focus on positive activities that drive the industry forward and encourage innovation such as:
    – providing open, non-partisan, standards-based options to the industry
    – solutions that focus on connecting writers with their readers in ways that work for them, not just for middlemen
    There is not a single more important thing that IDPF could possibly do than to develop Lightweight DRM (LCP)

  2. Thanks for your comments, John. Although it may have seemed as though DRM-free was an approach that would only work for technology publishers like O’Reilly I’m glad to see more trade-oriented publishers like Macmillan/Tor and Sourcebooks moving in that direction as well.

  3. I hope you won’t mind my posting a link to a blog post I did a few days ago…


    John, with all respect, if LCP is something, it’s clearly not a solution to anything, just a bunch of additional problems bound to happen.

    Clearly, if an alternative DRM scheme needed to be created, it should be hardware/sofware/ecosystem agnostic… But since, with or without DRMs, there is not even a single format to target, it’s simply ludicrous to try and reach that.

    What impact do you think the IDPF would have on Amazon, even as it can’t have them adopt epub, and even among epub adopters have distinct rendering for the same files ?

    A compromise can be found with watermarkings, but I don’t think they need to be standardized… And even then, there are numerous problems with that proposition too.

    LCP is nothing more than a (perhaps well defined, but still ugly) contraption used to latch epub to the anti-circumvention laws, at the explicit disdain of the readers’s interest.

    As such, I’ll consider them exactly as what they are : a nuisance that must be eradicated on sight.

  4. I went into a shop the other day looking for an ereader. The assistant ran up to me asking if I had any questions so I asked “Which companies have now ditched DRM and actually deserves my money?”

    He just looked shocked and said “I am not sure”. He tried to assure me “Well, it depends on what types of books you most like, which has the biggest catalogue?”. I said “I don’t care who has the biggest cage, I just want to read any book”. He couldn’t help any more so I walked out again.

    I keep trying each year to buy an ereader but apparently the book market they depend on is still one dictated by fools who think that books are about who has the biggest cage and the widest deal with whoever.

    As a consumer, I just want books. Any book. I don’t care about their stupid deals and who with.

  5. John Willis:

    intimating that publishers who use DRM believe their customers are untrustworthy is simply true and only insulting to the publishers who do so.

    –a digital book buyer who will not buy books from companies that don’t trust him.

  6. Even if another DRM scheme was needed (unlikely), the thing that is actually needed is an agreement by the majors to use it.

  7. …The world doesn’t need another DRM platform, regardless of whether it’s called “lightweight.” DRM is annoying for customers and provides a false sense of security for publishers…

    Correct. Any DRM system on ebooks is easily cracked by anyone with 2 spare brain cells rattling around in their heads.

    DRM is annoying only to customers who have not figured out it takes next to no time to get rid of that crap and archive their ebooks in formats that will still be able to be read a couple decades from now.

    False sense of security is correct. DRM providers and nothing more than snake oil salesmen who cannot backup their claims.

    I remember a few months ago about a company named copysafe who claimed they had unbreakable document DRM. It took me less than a minute to figure out how to circumvent his entire DRM scheme and the man still does not believe I have done so.

    Can’t tell you how I did it, that is illegal in America now but what I can say is anyone can do it just as quickly as I did all you have to do is think about it. Virtually all DRM for content has weak links that CANNOT be closed no matter what type of scheme they come up with.

    Content companies would be better advised to spend that worthless money on PR that convinces their customers they actually do care about them the person rather than them their wallet!

    Even then, those of us who understand how business works in the world today will see through this cloud of BS as though it was a clear gas window!

  8. The focus on books is too narrow, but John’s points about O’Reilly’s business model not being suitable for all companies is very true – we need to hear a wider application of this across other markets for the argument to be convincing.

    Selling access to online services, through some license and authentication, is the most robust business model in many industries. O’Reilly sell this with Safari, Dropbox sell their premium channel, Google sell access to Apps for Business. Seeing publishers’ content as fundamentally different from these examples is only relevant because the content is currently so easily copiable, exportable, redistributable.

    I’m not sure if the IPDF proposal is the answer, but the lack of a technology solution that serves publisher’s content as a licensable product is a temporary issue, that will continue to attract proposals until it is solved. The customer’s difficulty is with the cumbersome and flakey solutions, not the unwillingness to pay to the product.

  9. Joe,

    Thanks for your feedback. I don’t know whether “lightweight” DRM is an answer or not but your comments have certainly been food for thought. In particular you pose two great questions: “Why would anyone want to develop yet another DRM option for, at best, 30-40% of the market?” and “Why do you want to give the publishing industry another distraction and reinforce that false sense of security when we’re finally seeing movement towards a DRM-free world?”. On further reflection though your questions reinforced my personal conviction that standardizing a lightweight DRM is worth further investigation. Let me take your key questions one at time:

    “Amazon doesn’t use the EPUB format… [so] why would anyone want to develop yet another DRM option for, at best, 30-40% of the market?”

    There are several answers to this question.

    The first is that establishment of an open standard almost by definition comes at a point in time when proprietary solutions represent the majority of the market. It’s an uphill climb, but if the community let market share stand in the way, we’d never have any standards. After all, HTML was developed when Internet content was locked into AOL and Compuserve walled gardens. HTML5 was designed even though Flash was 99% of the market for interactive Web content. So as I see it the job of those of us developing open standards for digital publishing such as EPUB is to increase the market share of the open solution – the fact that proprietary solutions like Amazon Kindle have majority market share is motivation not disincentive! And, in fact, we are already seeing Amazon move towards standards support to the point that it’s arguably inaccurate to say that Amazon “doesn’t use the EPUB format”. Sure it’s a stretch to imagine them supporting EPUB natively, even more so with a standard DRM, but they are already accepting EPUB files from major publishers as well as self-publishing authors. The stock demo in the Amazon booth at London Book Fair was of uploading EPUB files to KDP. And of course KF8 is based on HTML5 so looks an awful lot like EPUB 3.

    Secondly, Amazon doesn’t have majority market share everywhere. IDPF is a global organization with 350 members from 36 different countries, in most of which there isn’t even a Kindle Store and where Amazon can’t leverage their dominant position in online sales of print books as they could in English-language markets. And, precisely because eBooks haven’t yet taken off in many of these markets, things are fluid, and there’s more opportunity for convergence to a single interoperable DRM.

    Last but not least, it’s not a question of “yet another” DRM option. There is no off-the-shelf DRM option for EPUB 3 currently available, and may not be for over a year. Having to wait two years for upgrades to a proprietary vendor ‘s DRM creates unacceptable “drag” on timely adoption of the open standard, leaving content distributors (including publishers selling direct), who generally can’t afford to roll their own solutions, in a pickle. And when proprietary DRM solutions for EPUB 3 are available, they will necessarily tie distributors to proprietary reading systems.

    Of course an arguably better answer for distributors and publishers – and the only answer right now – is to just stop using DRM. That ‘s a lead-in to your second question:

    “Why do you want to give the publishing industry another distraction and reinforce that false sense of security when we’re finally seeing movement towards a DRM-free world?”

    Joe, I’m with you in spirit! Personally, I don’t like DRM as a consumer. And I’d rather see the energies of the community developing open standards focused in more constructive areas. Certainly if work to standardize DRM looked like something that would impede a shift to DRM-free content distribution I’d have no appetite to do it.

    But, the reality is that “movement” towards DRM-free is a trickle, not a flood. Out of the top 50 publishers in North America, what do we have – one major author and one secondary imprint of a Big Six publisher experimenting with DRM-free distribution? Almost certainly, as a percentage of titles selling material volume, there’s less DRM-free content now than we had a year ago: new eBook releases, almost all of which use DRM, swamp TOR’s catalog plus seven Harry Potter books.

    It seems obvious to me that the flip that occurred in music sales (but not videos, games, or software) is very unlikely to happen with eBooks, regardless of the fact that you and I and many others see no evidence that DRM makes any difference to piracy rates and may well be a net negative for eBook sales. With print still being the majority of sales and revenue, publishers are unlikely to risk cannibalization of that market. Since it was trivial to make perfect digital copies of CDs, the music industry was put in a uniquely untenable position with respect to DRM on digital files. Print books can and will be digitized by pirates – as J.K. Rowling painfully found out – but there’s a significant barrier to simultaneous sharing a print book with all your friends or the whole dorm. Watermarking (a form of “social DRM”) is a partial answer but it seems clear that for most publishers it’s not going to be enough: one European major publisher CEO recently told me “we are very skeptical of watermarking alone, it can be removed quite easily” (the O’Reilly affiliate Safari Books Online applies encryption to the watermarked PDFs it generates… so maybe you guys aren’t completely anti-DRM after all). As well, with music the digital market leader was making their money selling HW not content – they had every reason to move towards DRM-free. Amazon’s losing money on HW so they seem highly unlikely to want to go DRM-free.

    And when you look beyond North America and Europe to the global market, there is even less evidence of any trend towards DRM-free. I’ve visited Brazil, Argentina, Japan, and Korea this year and in all of these places, there’s a blanket assumption that all publishers will continue to require some level of DRM, because otherwise over-sharing would be rampant.

    So, for better or worse, I just don’t see eBook DRM going away, regardless of the presence or absence of a standard DRM for EPUB. It’s just a fact that some publishers and distributors in some circumstances will continue to require DRM. And we haven’t even talked about lending.

    Therefore the only choice the open standards community has is whether or not to introduce a standard DRM mechanism that affords the potential for interoperability. I’m not convinced we should – that depends on considerations like the likely adoption of such a standard mechanism and the cost to IDPF to develop and establish it. But I am convinced – even more so by your questions – that figuring these things out is the right thing for us to do. And, if there is going to be a standard, I do feel it’s right to aim for “lightweight”.

    • There are a small number of PDF downloads available through Safari Books Online that are technically encrypted. That feature has always been at the discretion of the publisher, and the vast majority of publishers no longer bother. It is true that there is watermarking on all the current PDF downloads, similar to the watermarking from tech publishers like the Pragmatic Press, or more recently of course Pottermore.

      None of the EPUB or Mobi downloads available within Safari Books Online carry any encryption at all.

      Safari Books Online is a streaming service, much like Netflix, and we’re actually phasing out the complex token system in favor of more explicit offline caching systems (similar to Spotify) in part because it generates a lot of customer confusion (and was created when there simply weren’t viable mobile/HTML caching options).

    • Mr. McCoy, let me call up a scenario. You walk into a store. The manager comes over, slaps you across the face as hard as he can and screams “You’re a goddamn thief and I’m going to stop you.” After your ears and head stop ringing, he pauses and says politely “How may I help you make your purchase?”

      DRM is the slap and screaming. The correct response to the question asked afterward is “Stay out of my way. I’m leaving and not coming back.”

  10. when bill mccoy gets _all_ of the i.d.p.f. members
    to sign on that they will use his “standard d.r.m.”
    — you know, the single d.r.m. that’s interoperable,
    don’t believe the people who say it’s impossible! —
    maybe then people should start listening to him…

    of course, my guess — based on its history — is
    that apple wouldn’t tolerate that many “partners”.
    since apple knows that it’s hard to keep a secret
    when so many people would need to keep quiet.

    until he has this full-slate broad-based mandate,
    mccoy is just blowing hot air.


    p.s. but it might be nice to know now just where
    this demand for i.d.p.f. to do d.r.m. is coming from.
    bill makes it sound like 95% of the publishers are
    pestering him for d.r.m. how ’bout o’reilly finds out?

  11. There is big question in the core of this topic as to whether rights holders (who make the decision generally) would generate more revenues long term if they use DRM or not. The answer to that is certainly far from conclusive (or else we’d not, as an industry be discussing this at all.) The big perceived revenue impact is the role DRM plays in reducing casual sharing of ebook files. Some do argue that sharing of this nature, plus the increased consumer convenience, would offset that and actually increase sales overall. Of course that equation would vary across sector, region, etc. The data needed to make strong arguments either way are not readily available today. While O’Reilly has done well with your DRM free approach, I imagine it would be quite hard to actually “prove” that your long term revenues are higher than they would otherwise have been.
    I”m not personally advocating for or against using DRM in any given situation. I am advocating here the we focus on the core rights-holder’s issues that actually need to be addressed in order to have a reasoned and informed vs religious discussion on the topic.
    In any case, DRM certainly is still very popular globally with publishers and I don’t see a strong trend away from it. I work at a company that makes ereading software for ebook retailers and publishers world-wide, so I’d much rather have more technology options than less.

  12. The bottom line problem that we are trying to solve with technologies like DRM is how do we generate revenue for the asset owners. It’s not really about stopping people from sharing nor will we be able to stop the sharing. For every roadblock (DRM) that we put up, no matter how sophisticated, someone will find a way around it. History has proven that. It’s a vicious and resource intensive cycle. IMHO, the solution is take a lateral approach to the problem. Instead of putting up roadblocks, we should focus our energies on alternative ways to monetize the book such as in book advertisements or other revenue generating vehicles.

    • Lu, while you are correct that DRM systems can almost always be circumvented, I think the operative word is “reduce” vs “prevent”. While I don’t have stats, I think it is highly likely that there is dramatically less sharing of Kindle books due to DRM than would be the case without it. Whether countervailing profit factors – e.g. reduced development costs, purchases resulting from word of mouth discovery from owners of illicit copies, improved user experience, etc would provide a net gain to rights holders is harder to predict. That said, it is a fairly reflexive instinct of rights holders to attempt to reduce illicit copies. So those advocating for DRM free thus carry the onus of convincing rights holders that their gut instinct is incorrect – and data would be a strong tool in that effort. Even well crafted statistical modeling based on reasonable assumptions would be useful – if done by neutral parties. But that would require a long time horizon analysis as short term and long term revenue impacts could be quite different. Comparisons to the music industry are almost completely useless due to the extreme differences between the media types and consumption patterns, and the monetization strategies of the players as Bill aptly pointed out.

      I’m all for innovation in how to monetize ebook content. The News sector is one harbinger in that arena, and the results are surely mixed. Worth doing for sure, but I don’t necessarily buy that it is a binary choice between traditional retail models (growing at 100’s of millions per year) and alternative models – at least in the near term.

      There is absolutely no question in my mind as to whether industry standards would be beneficial to both rights holders and end users – if adopted. It is certainly not a slam dunk that wide-spread adoption could be eventually achieved. However, this is always the case with standards efforts, and we’ve seen successes in the past. If it becomes common someday for rights holders of consumer content to believe that such technology is not needed in retail, that would be great for indie retailers and readers. But in the mean time, we should continue to work toward industry standards. Libraries, rental and subscription services, bulk licensed/enterprise content scenarios could still make use of it even if Trade goes a different route eventually.

Leave a Reply

Your email address will not be published. Required fields are marked *