The Codification Of Web DRM As A Censorship Tool

from the exceptions-that-create-a-rule dept

The ongoing fight at the W3C over Encrypted Media Extensions -- the HTML5 DRM scheme that several companies want ensconced in web standards -- took two worrying turns recently. Firstly, Google slipped an important change into the latest Chrome update that removed the ability to disable its implementation of EME, further neutering the weak argument of supporters that the DRM is optional. But the other development is even more interesting -- and concerning:

Dozens of W3C members -- and hundreds of security professionals -- have asked the W3C to amend its policies so that its members can't use EME to silence security researchers and whistleblowers who want to warn web users that they are in danger from security vulnerabilities in browsers.

So far, the W3C has stonewalled on this. This weekend, the W3C executive announced that it would not make such an agreement part of the EME work, and endorsed the idea that the W3C should participate in creating new legal rights for companies to decide which true facts about browser defects can be disclosed and under what circumstances.

One of the major objections to EME has been the fact that, due to the anti-circumvention copyright laws of several countries, it would quickly become a tool for companies to censor or punish security researchers who find vulnerabilities in their software. The director of the standards body called for a new consensus solution to this problem but, unsurprisingly, "the team was unable to find such a resolution." So the new approach will be a forced compromise of sorts in which, instead of attempting to carve out clear and broad protections for security research, they will work to establish narrower protections only for those who follow a set of best practices for reporting vulnerabilities. In the words of one supporter of the plan, it "won't make the world perfect, but we believe it is an achievable and worthwhile goal."

But this is not a real compromise. Rather, it's a tacit endorsement of the use of DRM for censoring security researchers. Because the argument is not about to what degree such use is acceptable, but whether such use is appropriate at all. It's not, but this legitimizes the idea that it is.

Remember: it's only illegal to circumvent DRM due to copyright law, which is not supposed to have anything to do with the act of exploring and researching software and publishing findings about how it functions. On paper, that's a side effect (though obviously a happy and intentional side effect for many DRM proponents). The argument at the W3C did not start because of an official plan to give software vendors a way to censor security research, but because that would be the ultimate effect of EME in many places thanks to copyright law. Codifying a set of practices for permissible security disclosures might be "better" than having no exception at all in that narrow practical sense, but it's also worse for effectively declaring that to be an acceptable application of DRM technology in the first place. It could even make things worse overall, arming companies with a classic "they should have used the proper channels" argument.

In other words, this is a pure example of the often-misunderstood idea of an exception that proves a rule -- in this case, the rule that DRM is a way to control security researchers.

Of course, security research isn't the only thing at stake. Cory Doctorow was active on the mailing list in response to the announcement, pointing out the significant concerns raised by people who need special accessibility tools for various impairments, and the lack of substantial response:

The document with accessibility use-cases is quite specific, while all the dismissals of it have been very vague, and made appeals to authority ("technical experts who are passionate advocates for accessibility who have carefully assessed the technology over years have declared that there isn't a problem") rather than addressing those issues.

How, for example, would the 1 in 4000 people with photosensitive epilepsy be able to do lookaheads in videos to ensure that upcoming sequences passed the Harding Test without being able to decrypt the stream and post-process it through their own safety software? How would someone who was colorblind use Dankam to make realtime adjustments to the gamut of videos to accommodate them to the idiosyncrasies of their vision and neurology?

I would welcome substantive discussion on these issues -- rather than perfunctory dismissals. The fact that W3C members who specialize in providing adaptive technology to people with visual impairments on three continents have asked the Director to ensure that EME doesn't interfere with their work warrants a substantive reply.

For the moment, it doesn't look like any clear resolution to this debate is on the horizon inside the W3C. But these latest moves raise the concern that the pro-DRM faction will quietly move forward with making EME the norm (Doctorow also questioned the schedule for this stuff, and whether these "best practices" for security research will lag behind the publication of the standard). Of course, the best solution would be to reform copyright and get rid of the anti-circumvention laws that make this an issue in the first place.

Filed Under: browsers, drm, eme, exceptions, html 5, research, security
Companies: google, w3c

Denuvo Responds: Five Days Is Better Than No Days, Amirite?

from the math dept

It certainly looks for all the world like Denuvo is unraveling as a valid option for DRM in video games. The software, once described as the final solution to piracy, has had its defenses cracked in time intervals following an exponentially shorter curve. For how long it would take to crack a Denuvo-protected video game, reality went from "never", to "months", to "less months" in the case of the latest Doom game. After Doom was cracked, and after the developer removed Denuvo from the software via a patch, the makers of Denuvo spun it as a victory, stating that developers were protecting their games during the early release window and then removing it later.

But then Resident Evil 7, protected by Denuvo, was cracked in under a week's time. With its spin halted by this new reality, Denuvo's response has changed slightly to: hey, it could be worse!

Now, Denuvo is defending its "Anti-Tamper" technology, saying it's still the best copy protection currently available.

"It's correct that the title in question was cracked some days after release," Denuvo Marketing Director Thomas Goebl told Eurogamer. That said, "Given the fact that every unprotected title is cracked on the day of release—as well as every update of games—our solution made a difference for this title."

It's a response as bold as it is simple: five is a number greater than zero. And, hey, that's true. Every positive number is greater than zero. Like, oh I don't know, the cost of Denuvo licensing being greater than the zero it costs to not implement it at all. If we're going to boil this all down to simple math equations, it seems to me the most important equation should be is X greater than or equal to Y, with X being the amount of money a few days of DRM protection provides and Y being the cost of using Denuvo DRM. With a cracking window short enough that I can count the number of days it takes on one hand, it strains the mind to understand how X could possibly be greater than Y.

And keep in mind that Denuvo prefaced this by stating that its DRM was the best on the market. And that's true! But that doesn't say anything positive for the value of Denuvo, while at the same time telling game companies all they should need to know about the value of DRM in general: it doesn't work. And not only does it not work, but you don't get your money back after it fails to do its job.

Goebl did deny earlier reports that publishers were being issued refunds after their Denuvo-protected games had been cracked. "We do not have any deals in place that offer refunds if a game is cracked within a specific time frame," the company told Eurogamer.

Hey, at least they're being upfront about it. Game developers can buy a thing that doesn't work and doesn't come with a refund, or they could notice that Resident Evil 7 continues to sell very, very well, piracy and all.

Filed Under: cracked, denuvo, drm

RIP Denuvo: Resident Evil 7 Cracked In Five Days

from the on-to-the-next-one dept

The Denuvo saga has been impressive on a couple of levels. The DRM software's public cycle was notable first in that game-cracking groups, notorious for their confidence in their own abilities, initially sounded the alarm over Denuvo's status as an anti-piracy unicorn that would never be broken and would lead to the end of software piracy. That happened in January of 2016. By August, Denuvo was being broken by other cracking groups. By the time winter rolled around, game developers, including developers of AAA titles, were pushing out quiet updates to games to remove Denuvo from their software entirely. Denuvo's makers, meanwhile, spun this as a success story, suggesting that developers were chiefly using Denuvo to protect games during the initial release cycle and then removing it afterwards.

But that thin thread of relevancy appears to have snapped, relegating Denuvo to the same scrap pile as every other form of DRM ever tried, now that a cracking group has successfully cracked a Denuvo-protected game in five days' time.

Yesterday, just five days after its January 24th retail date, Resident Evil 7: Biohazard was cracked by CPY. The self-proclaimed Italian group placed RE7 on a so-called top site, with the ‘piracy pyramid‘ doing the rest of the work by cascading it to torrent sites in a matter of minutes. Currently, tens of thousands of pirates are grabbing the 23GB download.

So, that protected release window has shrunk to just under a week. Whatever the cost to implement Denuvo in a game, those five days can't make it worth the price of admission.

Now, some will point out, as does the TorrentFreak post, that there are still un-cracked Denuvo-protected games on the market. And that's absolutely true. But also true is that the trend for the efficacy of Denuvo DRM only travels in one direction and not a good one for those looking to the software as a way to end the scourge of video game piracy. When we begin measuring the effectiveness of DRM in days, or even when we do so in weeks, it's clear the only logical action for developers that used it is to rage-quit the DRM entirely and move on.

Particularly when that same DRM, so ineffective at stopping piracy, proves to be impressively effective at pissing off real customers.

Some fans have complained that Denuvo is unwieldy and annoying. It forces games to be dependent on third-party activation servers and makes certain types of modding impossible. Publishers use the program regardless, in hopes of boosting game sales by rendering piracy more difficult.

And now that it's no longer serving that purpose, it's time it was dropped from use. The good news for those of us who want to see a thriving games market is that Resident Evil 7, because the reviews have been quite positive, is selling quite well. Even with it having been cracked in five days' time. Because piracy isn't a barrier to success, nevermind one worth annoying legitimate customers over.

Filed Under: denuvo, drm, resident evil 7

Denuvo Spins Doom Dropping Its DRM Into A Victory Dance

from the managing-expectations dept

The speed with which the prevailing opinion of Denuvo, the DRM unicorn de jour, has changed has been nearly enough to make one's head spin. It was only at the start of 2016 that the software was being rolled out en masse by many game publishers, leading some normally bombastic cracking groups to predict that the video game industry had finally found its final solution to piracy. That lasted until roughly the middle months of the year, when several games using the DRM were cracked. While Denuvo's makers remained fairly silent, the opinion of it shifted from "final solution" to "hey, it's still the hardest DRM to crack." Cracking groups that typically measure their work in weeks were finding cracking Denuvo to be a project measured in months. That likely explained why so many big-ticket games still used it. Until, somewhat suddenly, multiple big-name games began dropping Denuvo from their code via patches and updates. The latest example of this was Doom silently nixing Denuvo, with id Software not even referencing the move in its patch notes.

And so the speculation began as to what was going on. Some said the game makers were finally realizing that DRM is pretty much useless at everything other than being a minor inconvenience for cracking groups and a major inconvenience for many legitimate customers. Others suggested that perhaps Denuvo offered some kind of money-back deal if a game using it was cracked within a certain time-frame. Still others claimed that publishers were only using the DRM during the initial release window of the game to protect it during the most crucial sales period, and then dropping it afterwards.

Denuvo, just recently, publicly endorsed the last theory.

“The simple reason why Denuvo Anti Tamper was removed from Doom was because it had accomplished its purpose by keeping the game safe from piracy during the initial sales window,” Denuvo’s Robert Hernandez said to me in an email. “The protection on Doom held up for nearly four months, which is an impressive accomplishment for such a high-profile game.”

Hernandez also insisted there is nothing like a money-back program if a game using Denuvo is cracked. And perhaps he's correct about why these games are suddenly dropping the DRM, although it should be clear that this theory is the best one available for Denuvo's business. The other two theories mean Denuvo is a failure. At least the idea that game publishers are using it during the initial release window allows the company to claim it's still providing a benefit to publishers.

But for how long? Given the precipitous drop in the posturing around Denuvo from "un-crackable" to "hey, we kept the game safe from piracy for a couple of months", it's reasonable to wonder why that downward trend shouldn't continue in that direction. Unless the company has some serious tricks up its corporate sleeve, it's not like cracking times are going get longer rather than shorter.

And the bigger question is one of math. If Denuvo carries negatives in its use, as its being dropped by several games clearly suggests, are those negatives really made up for by a couple of month's worth of protection? At four months, perhaps id Software thought it was. But if that protection window shrinks, there is going to be a line which, once crossed, makes Denuvo more trouble than its worth. You know, like every other DRM ever created. Denuvo's business still relies on its software being a unicorn, although one it already acknowledges has a horn much less shiny than originally believed.

Filed Under: copyright, cracking, denuvo, drm

Like Flies: Doom The Latest Game To Remove Denuvo Via Patch

from the hmmmm dept

One or two instances can be outliers, but any more than that and it's a trend. And there is now indeed a trend among video game companies for removing Denuvo, the DRM once thought to be the industry's final solution to piracy. As the DRM software has indeed been proven crackable, some game makers have begun releasing patches to remove it from their games entirely. Somewhat strangely, Denuvo's removal tends to be absent from the patch notes. Such is the case in the latest example, in which id Software has stripped AAA title Doom of Denuvo.

Theories abound as to what is going on here. There are some who believe these game makers are finally coming around to understanding that DRM is annoying their legitimate customers and no longer stopping piracy. The problem with that theory is that you would think companies like id Software would include the removal of Denuvo in the patch notes if that were the case. It would be a PR boon to be seen as consumer friendly if there were no plans to keep up this annoying DRM arms race any longer.

At the NeoGAF link above, some are suggesting that the new strategy for publishers will be to utilize DRM in the first few months of a game's release and then strip it out once it's been on the market for a while. That way, the companies can combat piracy as best as they can during the critical initial release window and then, I guess, choose to stop annoying their customers months down the road. If this is indeed the strategy, it's a dumb one, as quite a lot of ill will in the public can be generated if/when the DRM breaks the gaming experience for real customers, especially if that happens in that same critical release window. Not to mention that Denuvo in particular cripples the modding community, which often serves as a boon to interest in any particular game.

Still others think that this all has something to do with a money-back guarantee offered by the makers of Denuvo.

There are theories floating around, though. The biggest is a rumor that Denuvo offers developers a money back guarantee if a game is cracked within three months. The (alleged) main stipulation? Developers have to remove the anti-piracy tech first. Given that Inside and Doom have both been cracked, majorly blemishing Denuvo’s vaunted un-crackable reputation, that would certainly explain the removal.

And, if true, it should hopefully dissuade that kind of hubris from developing with other DRM makers in the future.

Which is ultimately the entire point: this is an awful lot of hand-wringing over a technology that has never been proven to work, has been shown time and time again to pain the backsides of legitimate customers, and acts purely as a cost to game developers with no real ROI. Maybe it's time the industry decides it's simply done wasting its own time and money on DRM?

Filed Under: denuvo, doom, drm, video games

Game Developer Updates Game To Remove Denuvo DRM As Fans Cheer

from the better-late-than-never dept

Denuvo, as you will recall, is the name of a modern version of anti-piracy DRM, foretold to be the end of video game piracy, when the reality is that its legend exceeded its capability. While we've begun to see an uptick in stories of game developers actively limiting or excluding the use of DRM in their games, those stories tend not to be about Denuvo DRM. Many have taken this to be an indication of Denuvo's strength and usefulness, even if it isn't 100% effective.

But now we do indeed have a story about a game developer that had initially included Denuvo in its game, only to yank it via a patch at a later date.

Nowadays, most talk of DRM revolves around titles that add the “anti-tamper” tech known as Denuvo, thus preventing piracy of those games. That’s what makes the latest update to side-scrolling puzzle game Inside so unusual: the developers have chosen to do away with Denuvo.

Playdead did not give a reason for the removal of Denuvo in the short patch-notes, though it’s worth noting that the game was also recently released on GOG—which is marketed as a digital storefront that does not believe in DRM.

Which is one of the ways that GOG is most useful. Like a popular candidate on the extreme end of the political spectrum, the success and popularity of GOG serves to yank what might otherwise be a near-uniform desire to use DRM by game developers back to a more reasonable position. If developers see GOG as a good platform for selling their games, even with the site's virulent anti-DRM stance, then it stands to reason that DRM generally isn't worth including in their games. That this is starting to become the calculation for what was supposed to be the DRM unicorn is a positive development, though one wonders just how much money Playdead wasted including it in the first place.

Meanwhile, fans of the game are celebrating Playdead's decision. Some are even actively promoting the game to friends and family, or buying other titles by the studio, all as a result for removing an annoyance to legitimate customers.

Filed Under: denuvo, drm
Companies: gog, playdead

Bug Related To HDCP DRM Is Giving New Playstation PS4 Pro Owners Headaches

from the first-do-no-harm dept

Sony recently released the slightly-more powerful Playstation 4 Pro console, a beefier version of its existing PS4 console that brings 4K and HDR functionality to customers with 4K sets. 4K was already proving to be a bit of a headache for early adopters, many of whom didn't realize that in order to get a 4K device to work, every device in the chain (particularly their audio receiver) not only needs to support 4K and the updated HDMI 2.0a standard for HDR (high dynamic range), but HDCP 2.2 -- an updated version of the copy protection standard used to try and lock down video content.

HDCP has always been a bit of a headache, like so much DRM usually causing consumers more trouble than it's worth, and then being ultimately useless in trying to prevent piracy that occurs anyway. The latest incarnation of this issue appears to be plaguing PS4 Pro owners, who are plugging their $400 console into their expensive new receiver and 4KTV only to find that the unit doesn't work as advertised. For some people, it's because they likely didn't realize (as noted above) that everything in their AV chain needs to support not only HDMI 2.0a, but the latest HDCP copy protection standard:

"HDMI 1.4 can handle 4K resolution, but its 4K support is limited to video signals at 30 Hz (or 30 frames per second). HDMI 2.0 is required in order to handle the increased bandwidth required by a 4K feed at 60 Hz. And although all PS4s — including non-Pro consoles — can deliver HDR as of mid-September’s v4.0 firmware update, HDR technically requires HDMI 2.0a and HDCP 2.2.

Which is understandable, given that the bleeding edge isn't always a pretty and simple place to reside. There's always tweaking and tinkering required on the bleeding edge, and having to dive deep into your TV's unnecessarily-confusing menus is par for the course. But as the problem persisted through last weekend, many console owners discovered that they were only able to use their new console if they disabled HDCP entirely:

"The issue appears to be related to HDCP, the digital copy protection that’s built into the HDMI connection between the PS4 Pro and the TV. Sony launched the PS4 in 2013 with HDMI 1.4, the then-current HDMI specification. The introduction of HDR has brought forth HDMI 2.0a along with HDCP 2.2, the latest version of the port and its copy protection. That’s why the PS4 Pro box includes a high-speed HDMI cable that supports HDMI 2.0."

As a PS4 Pro owner I can confirm that out of the box the device simply wouldn't properly transmit a 4K signal to my Samsung TV (you get audio, but no video). To get the console to work I had to boot into safe mode, disable the latest iteration of the HDCP 2.2 DRM, then disable HDCP in the console settings after boot. Note that while this will allow users to at least use the console to play games in 4K with HDR, it prohibits them from being able to use the console to stream video content, given that's not possible with the DRM disabled.

At this point it's not entirely clear if the problem is a bug in the PS4 Pro firmware, or a bug in the compatibility firmware embedded in most new "smart" 4K TVs. Some users over at Reddit indicate that many of the TVs impacted by manufacturers like LG have long struggled to play nice with the HDCP DRM. And while the HDCP 2.2 standard may not be the only thing contributing to these interoperability bugs, it's pretty clear at this point that the DRM -- which will inevitably be bypassed anyway -- is at least playing a starring role in consumers not being able to easily use a piece of hardware they paid for.

Filed Under: drm, hdcp, playstation, ps4
Companies: sony

Shadow Warrior 2 Developers: We'd Rather Spend Our Time Making A Great Game Than Worrying About Piracy

from the good-guys dept

With the time we spend discussing the scourge of DRM that has invaded the video game industry for some time, it can at times be easy to lose sight of those in the industry who understand just how pointless the whole enterprise is. There are indeed those who understand that DRM has only a minimal impact on piracy numbers, yet stands to have a profound impact on legitimate customers, making the whole thing not only pointless, but actively detrimental to the gaming business. Studios like CD Projekt Red, makers of the Witcher series, and Lab Zero Games, makers of the SkullGirls franchise, have come to the realization that focusing on DRM rather than focusing on making great games and connecting with their fans doesn't make any sense.

And now we can add Polish game studio Flying Wild Hog to the list of developers that get it. The makers of the recently released Shadow Warrior 2 game have indicated that it basically has zero time for DRM for its new game because it's entirely too busy making great games and engaging with its fans. On the Steam forum, one gamer noticed that SW2 did not come with any embedded DRM, such as Denudo, and asked the studio why it wasn't worried about piracy. Flying Wild Hog's Kris Narkowicz replied:

“We don’t support piracy, but currently there isn’t a good way to stop it without hurting our customers. Denuvo means we would have to spend money for making a worse version for our legit customers. It’s like this FBI warning screen on legit movies.”

In a follow-up statement to Kotaku, Kris went even further.

“Any DRM we would have needs to be implemented and tested,” KriS explained to Kotaku. “We prefer to spend resources on making our game the best possible in terms of quality, rather than spending time and money on putting some protection that will not work anyway.”

In other words, the studio could spend time, money, and resources chasing around a white horse in the belief that it was some kind of anti-piracy unicorn, but doing so would be business-stupid. Instead, the studio has chosen to focus on making its game as great as it possibly can while choosing not to implement software within it that might harm that great experience for legitimate customers. Other staff at the studio essentially acknowledged that not including DRM on the game might result in some lost number of sales, but that the cost to the game and legitimate customers made it so that those lost sales didn't matter as much.

They’re banking on the quality of their game earning them enough money to counteract the lack of money coming in from people who’ll just steal their game. “We also believe that if you make a good game, people will buy it,” they said. “Pirates will pirate the game anyway, and if someone wants to use an unchecked version from an unknown source that’s their choice.”

It's always refereshing to hear when a game studio chooses to shrug off the understandable anger that must come along with finding that others are pirating its product to instead focus on what the best course of action for the business actually is: making the best product it can. Altruism doesn't run uniformly through the gaming public, but there are more than enough gamers willing to pay for quality games to make up the difference. It's not a perfect scenario from an ethics standpoint, but given that the alternative is arguably ethically worse in that it almost always carries with it a negative impact to paying customers, this is as good as it gets.

But does this sort of approach work? Well, you can see for yourself, as Shadow Warrior 2 currently sits atop Steam's "Top Sellers" chart and sits at the top of GOG's "Popular" sales tab. Hey, other studios, are you paying attention yet?

Filed Under: drm, piracy, shadow warrior, video games
Companies: flying wild hog

Come On Elon! Tesla Stupidly Bans Owners From Using Self-Driving Teslas For Uber

from the you-don't-own-what-you-bought dept

We've talked a lot about the end of ownership society, in which companies are increasingly using copyright and other laws to effectively end ownership -- where they put in place restrictions on the things you thought you bought. This is bad for a whole variety of reasons, and now it's especially disappointing to see that Tesla appears to be jumping on the bandwagon as well. The company is releasing its latest, much more high powered, version of autonomous self-driving car technology -- but has put in place a clause that bars Tesla owners from using the self-driving car for any competing car hailing service, like Uber or Lyft. This is not for safety/liability reasons, but because Tesla is also trying to build an Uber competitor.

We wrote about this a few months ago, and actually think it's a pretty cool idea. Part of the point is that it effectively will make Tesla ownership cheaper for those who want it, because they can lease it out for use at times when they're not using it. So your car can make money for you while you work or sleep or whatever. That's a cool idea.

But it's flat out dumb to block car owners from using the car however they want.

If Tesla wants to compete with Uber, that's great, but it should compete and offer a better deal for car owners, rather than artificially limiting what they can do. And the thing is, Elon Musk knows this. Remember, a few years ago when he famously freed up all Tesla patents into the public domain, recognizing that it was better to compete on execution rather than artificial legal limitations? So why not take that same approach with competing in car hailing services as well? Don't limit what owners can do with their cars. That's now ownership. ow they're just leasing.

Tesla's plan for a competing ride hailing service is a good idea, and I'm excited to see what the company does with it, but if it starts off by artificially blocking Tesla owners from using their cars on competing services, it makes me think that Tesla doesn't think it's own service will be very good, and therefor it needs to artificially lock Tesla owners into its own platform, rather than competing on the merits. That seems antithetical to the message that Tesla and Elon Musk have given off in the past. Hopefully Musk reconsiders this anti-consumer move and recognizes that Tesla can build such a service that can stand on its own merits without artificially restricting Tesla owners.

Filed Under: autonomous vehicles, car hailing, competition, drm, elon musk, limitations, ownership, restrictions, ride hailing, ride sharing, self-driving cars
Companies: lyft, tesla, uber

...And Here Come The Device-Restricted Music Subscriptions

from the oh-good dept

In the last episode of the Techdirt Podcast, we discussed the DRM implications of Apple's decision to remove the analog headphone jack from the iPhone -- specifically, the idea that in the future we may see music services that can only be played through specific output devices, such as a headphone-only subscription. We're not quite there yet, but now Amazon is blazing the trail with the first major music subscription offering with a strict one-device limitation:

Would you pay a few extra bucks a month to turn your smart home speaker into an intelligent, unlimited jukebox? Amazon is betting people will.

The company on Wednesday is launching a new subscription music service, Amazon Music Unlimited, that starts at $3.99 a month for a library of tens of millions of songs. That’s less than half the cost of Apple Music, Spotify Premium and other competing music services.

Here’s the catch: At that lower price, you can only use the new service on a single Amazon Echo device: an Echo, Echo Dot or Amazon Tap

And so we enter a world with yet another means of fragmenting digital music services and making them way, way less appealing. At least they were decent enough to drop the price -- but now that the floodgates are open, it's entirely possible such heavily limited subscriptions will eventually become the new baseline, and truly open subscriptions that can be played anywhere (one of the biggest advantages of digital music) will morph into an expensive luxury. The key difference between this and our speculation about Apple limited output devices is that the restriction happens further upstream, with the subscription only being piped to one specific device -- and if that device is an Echo Dot, there's even still an analog jack so it can be plugged into just about anything else. But the next step -- a subscription on a general purpose device like a phone with music that is artificially limited to only be output through certain devices, thanks to the DRM capabilities of digital-only connectors -- feels slightly and worryingly closer to reality. And what will this accomplish? Nothing more than ensuring legal digital music continues to suck in unnecessary ways.

The grand, omnipresent and incorrect assumption about music piracy is that it's primarily motivated by price, and the desire to get content without paying. It's not and it never has been: it's motivated by restrictions, and the desire to easily access a wide variety of content how, when and where you choose. It's about music being free, but not free as in beer.

And so, naturally, the legacy music industry has sought out almost every opportunity to add restrictions and limitations to their digital offerings. Disruptive innovators like Spotify and Pandora fight an ongoing uphill battle to secure the necessary rights to offer something more open and appealing, and the massive digital retailers -- Apple, Google and Amazon -- drift around in between: aware and capable of the type of technological innovation necessary to make digital music services appealing, and armed with the money and clout to secure better licensing deals from rightsholders, but also prone (to varying degrees) to following in those rightsholders' restrictive footsteps in order to fulfill their own dreams of total control and a captive audience. Amazon isn't banking on people who are out searching for a digital music service deciding to go with the absurdly limited $4 option -- it's targeting existing Echo customers who might see it as a cheap add-on for some extra music around the house. It wants to upgrade those Echo users into Prime subscribers if they aren't already (for even more music, since the services are weirdly fragmented from each other), and eventually turn new Echo-only music subscribers into fully dedicated Amazon Music customers. Instead of making it really, really easy to sign up for a music subscription that gives you everything you want on every device you own, it's ensuring there are plenty of different ways for people to pay up for a tiny slice of that experience.

To some degree, this might work -- it almost certainly won't be the only such experiment, especially with Apple laying the groundwork for even more granular control. But in the long run it won't fix anything, least of all piracy. It relies on people being trapped in a top-to-bottom walled garden, where they are happy getting all their devices and content from the same company on that company's terms, which works to an extent when the gardens are pretty enough, but leaves all the real advantages of digital out in the cold, and the users end up suffering even if they don't all know it. Even after all these years, the music industry has failed to truly offer the one thing that has obviously been the end-game and true promise of digital ever since the first MP3: a one-stop-shop for all the music in the world, delivered as digital data with all the freedom and flexibility that implies. Piracy has offered it since day one, and when it comes to competing with it, the only success stories are those services like Spotify that have fought hard to just offer a real taste of the same comprehensiveness and convenience. Amazon's latest move is a step in the opposite direction.

Filed Under: drm, echo, echo dot, limited, locked down, music services, music streaming
Companies: amazon