E-book software companies, publishers, distributors and e-stores, then, should consider social DRM as an alternative to traditional, Mobi-style DRM. Social DRM works by embedding names and/or other identifying information into files you buy, so P2Ping isn’t as tempting. It’s hardly perfect. But it isn’t the e-book toxin that Mobi-style DRM is. With social DRM, e-books can be much easier to buy and own than with the traditional variety.
Best protection is none, but…
The best protection is none in this era when pirates can so easily scan paper books. Fictionwise is smartly offering thousands of DRMfree books, in cases when publishers will allow. Mobi DRM, although actually gentler than many competitors, is still a hassle. Last I knew, Mobi wouldn’t even let you use a book on more than four devices at once—a barrier I’m constantly up against.
But many large publishers still hate the idea of using nothing. So social DRM could be a compromise. For software companies, stores and retailers alike, social DRM could be a way to get the jump on the competition.
Hello, Mobi? Social DRM would be one way of bouncing back from your debacle. Your owner, Amazon, is already experimenting with DRMfree music, which a far, far more radical step than social DRM.
Social DRM as a way to take e-books more seriously
At least with social DRM, buyers would never lose access, even temporarily, to already-bought books—no small concern when hard drives and the like may go south.
We could take e-books more seriously as a medium if we could truly buy them, especially for future use on new machines with different operating systems. Or present use on the cellphones, PDAs and other gizmos now proliferating in many households.
The result? We’d buy more e-books, probably lots more, especially with a standard format in use, such as the IDPF’s epub. No longer would our use of e-books be so closely tied to the competence or survival of the company behind a specific format and protection system. E-reader companies could compete in such areas as ergonomics and features.
The challenges—and your suggestions
So how would social DRM work? A publisher or other company would embed identifying information, as noted—names and perhaps encrypted credit card numbers and other items. The process would be probably be less complex than existing DRM systems.
But social DRM comes with its own challenges, and I’ll welcome a discussion of problems as well as solutions. Here’s a start, nothing more.
—What kind of information should a social DRM system embed in a book-buyer’s file, besides someone’s name? How much of a privacy risk are encrypted credit card numbers, a system used by eReader/Palm? So far I haven’t heard of any card-number leaks involving Palm, but there’s always a first. Anyone else know of any cracks? How secure could such system be made? In plain English, what technical precautions could be used? Is there a risk of crackers sneaking into the machines of legitimate buyers and spreading their libraries all over the Net?
–How expensive would it be to run a social DRM system on a mass scale? More or less costly than the current crop of traditional encryption-based systems? Could expenses be reduced by avoiding the use of encrypted credit card numbers and relying on verified names and physical addresses instead—perhaps in cooperation with services like PayPal and credit card companies?
—How reliable would social DRM systems be, technically, compared to traditional DRM systems? Would there be less of a chance of Mobi-style failures?
–What should e-book publishers do to augment the technology with the proper social environment to discouraging mass piracy? Tellingly, many p-books are already available in illegal e-versions, but most publishers are not yet losing major income. Will this change as e-book technology improves with better displays and other innovations? What can be done to control the piracy problem? The best protection, as I and others see it, is a mix of fair prices for legal editions, convenience of use, and efforts by publishers and authors to maintain a friendly presence on the Net, so they are less attractive as theft-fodder. Interactive books and updated editions could help in some cases, making single files less useful in themselves. So could larger charitable contributions by best-selling writers such as J.K. Rowling.
–How could social DRM be applied to libraries? Working with publishers, could they change their business models to allow patron to keep books for strictly personal use—and pay more to publishers? Or rely on patron-identifiable files that would be vanish when the checkout expired?
Further details on Palm’s use of social DRM or at least a variant
Now–back to Palm (eReader is the current name) to examine how its protection currently works.
According to an old Palm press release, “All eBooks from Palm are encrypted to prevent the unauthorized distribution of books. Using a credit card to make the purchase, a copy of the book is created in real time and is unique to an individual. When the book is opened for the first time on the person’s handheld computer, he/she is required to enter his/her name and credit card number in order to unlock his/her personal copy of the book. This unlock operation only happens the first time the book is opened.”
Of course, some might say this is no longer social DRM, given the need for an unlock.
How the Pragmatic Bookshelf uses social DRM
So what about a less complicated approach? Adobe’s Bill McCoy has zeroed in one that Pragmatic Programmer uses. Adobe is hardly about to ditch traditional DRM, but Bill has been open minded about widespread adoption of social DRM:
“For eBooks, I really like the ‘social DRM’ approach of The Pragmatic Programmers, who ‘stamp’ PDF eBooks with a ‘For the Exclusive Use of …’ and the name of the purchaser. Given that they are making more than 30% of their total sales on eBooks, far more than any other traditional publisher, it’s hard to argue that this approach is infeasible.”
Pragmatic’s system in action
See Pragmatic’s FAQ. Excerpt:
“There is no copy protection or functionality restrictions in the PDF files. You may view or print them for personal use as you see fit.
“You may not give your PDF version to other people. The PDF file you order is personalized with your name and other identifying information.
“You can buy multiple licenses of a PDF file for your team or organization, in which case the PDF will be stamped with the number of allowed licenses. We’ll only send you one, so as to conserve everyone’s bandwidth.”
Sounds promising to me. Time for other publishers to learn from Pragmatic’s success and jump in with experiments of their own? The real risk would be in not experimenting and leaving themselves exposed to damage from fiascoes more serious than Mobipocket’s current failure. Worse, what if new technology render current protection obsolete? A far-safer approach would be to foster, and rely on, healthy social norms. Tech changes. Human nature, good and bad, doesn’t. While I prefer no protection, I hope that big publishers will consider social DRM as a compromise.