Although the most common use today of DRM is the protection of copyrighted works that are sold for profit, the philosophy underlying DRM—that content providers should have the ability to exercise fine-grained control over how their content is used—can be used to support individuals in protecting their own documents and other intellectual property in precisely the same ways. For example, A may wish to send a sensitive e-mail to B, but also to insist that B not print it or forward it to anyone else. Some DRM systems are available today that seek to provide controls of this nature within the boundaries of an enterprise.

This kind of DRM application operates in an environment very different from a copyright-enforcement regime. In a copyright-enforcement regime, the primary concern is preventing the improper large-scale distribution of copyrighted works, whereas the concerns in an enterprise DRM regime are more varied (e.g., individuals may have more concerns about the time periods during which content may be available). Because the particular set of rights relevant to any given recipient is more varied, users must specify in detail the rights they wish to grant to content recipients. Although default settings ease the burden, many users still find enterprise DRM systems cumbersome and clumsy from a usability standpoint. In addition, because the scale of rights enforcement is necessarily much more fine-grained (one improperly forwarded e-mail can become very problematic), there are higher premiums and greater needs for protections against actions such as “screen scraping” as a way of obtaining machine-readable content in violation of the rights mechanism. Finally, both sender and recipient must generally operate within the same enterprise—usually, a sender who wants to engage a recipient outside the enterprise does not have the functionality afforded by the DRM system.

The National Academies | 500 Fifth St. N.W. | Washington, D.C. 20001
Copyright © National Academy of Sciences. All rights reserved.
Terms of Use and Privacy Statement