a toothbrush with a display that says "error: could not obtain license from server"

To get away with planned obsolescence, just call it DRM

The idea that customers just “license” software products instead of owning them has manifested and I see a daunting development in the consumer electronics world that could potentially lead to products becoming obsolete because the associated software is deemed obsolete by the manufacturer. Also, even Software sold for a one-time fee typically isn’t owned by the users but only licensed, at least according to the licensor, supported by nonsensical regulations.

Consider any traditional consumer device, say, a simple coffee maker. There would be two main reasons a customer would consider the product obsolete:

→ There’s a hardware failure and the price of repair is higher than the cost of a replacement product.

→ The product is no longer compatible with the environment it’s used in. (It might use a non-standard size of coffee filters?)

Recently, however, a third main reason came up:

→ The company that made your product decided not to “support” it anymore and prevents third parties from doing so by stating that doing so would violate their intellectual property rights.

What does that mean?

Generally, depending on the type of product, you’d expect it to be “supported” for a certain period of time. If you bought a car, you could expect to be able to buy replacement parts and service it for at least ten years. I you bought a Microwave or TV, this period is shorter. Especially with technological advancements in the last 20 years, it’s often cheaper to replace than to repair your product. In all of these cases, however, you’d expect to make those decisions yourself. If your TV costs $1500 to fix, but a new TV is just $700, you’ll probably go with the new TV.

So far, so good.

Let’s talk about DRM. It’s short for Digital Rights Management and is a term used for software that prevents unauthorized copying or tampering. What’s the problem? You’re not planning to create unlicensed copies of your patented coffee maker or are you? You just want it to keep working, do you?

There are laws and regulations governing what people can and can’t do with things created and conceived by others. They are often well-intended. The infamous DMCA act was the subject of heated discussion and still is. It’s over 20 years old now and my thesis is that it doesn’t hold up due to – at the time of its conception – unforeseeable technological developments. Copyright regulations have historically been used as methods to protect intellectual property but now there’s the assumption that, as soon as there’s a form of software involved in whatever product, it’s legit to, instead of selling a product to customers, only “license” it (or critical parts of it). This practice opens up all sorts of ways for corporations to patronize customers into, ultimately, buying more of their stuff. It opens up a path to control the usage or maintenance of the product, up to the point where one may consider it planned obsolescence.

We could even call it “obsolescence on demand” and it’s far more dangerous than traditional planned obsolescence that involves simply designing a product based on assumptions regarding the longevity of its components. Through DRM, corporations can control to an unprecedented extent how and when their products become obsolete.

Imagine a simple chair that has a mechanism to fall apart after exactly one year of usage and a built-in mechanism that makes sure that nobody puts it back together because the placement of the screws is protected under copyright law.

Does that sound ridiculous?

That’s exactly where we’re headed and it’s completely legal to design a product like that, if the software that makes it possible is complex enough. (it doesn’t even have to work, it just has to be considered DRM, the circumvention of which is illegal).

DRM vs. copyright

In this text, I’ll use “DRM” and “copyright” and it’s important to understand that these are not the same thing as DRM makes certain copyright problems exponentially worse. As mentioned above, “DRM” refers to software, whereas “copyright” is a theoretical legal concept that protects ownership of intellectual property rights to things such as videos, software and just about anything. DRM is a measure to enforce copyright from a technical instead of the legal side. Any problem that arises from flaws, grey zones and loopholes in copyright can me multiplied by orders of magnitude through DRM measures that are installed in more and more consumer products, from the intangible (movies, video games…) to the tangible (cars, appliances…).

“Copy Protection”: DRM leads to products being obsolete faster than technically necessary

Let’s talk about digital video. In the early days of digital copy protection, around the 2000s, when DVDs became a thing, there used to be the now-laughable protection measure “Content Scrambling System”. It was possible to decrypt DVDs with code that fit on a T-shirt, but that didn’t matter. Behind the mask of protecting the content, the industry used the DMCA to legally prohibit those algorithms (and the T-Shirts). Even if one can’t make a strong copy protection, they could just outlaw the publishing of software that break them.

Besides this flawed “security through obscurity” approach, this leads to two problems.

The first problem is, obviously, that consumers (DVD buyers) couldn’t legally exercise their right to create a backup copy if they can’t legally obtain or eve publicly discuss the tools to do so. This has been widely discussed and is a very apparent problem.

The second problem, however, isn’t as obvious: If it doesn’t even matter if the copy protection measure actually works, but the only thing that matters is that it exists so the product can fall under legal protection against reverse-engineering, it can lead to the following thinking:

If we just put the “copyright” label onto anything, we can legally “protect” it from being copied. A nice side effect is that we control it as much as we want.

If a designer makes, say, a unique chair, the design it is already protected under copyright laws. You can’t create a copy of the same chair and market it. The new legislation only adds another layer that stops people even at the attempt to copy a product, even without the intent to sell or distribute. The reason we would need this, apparently, is that it’s much easier to copy data than to copy a chair.

Since CSS was deemed unsafe, new standards like HDCP came up, but it was the same story all over again: it was broken. And it didn’t matter because the fact that it was broken didn’t affect the theoretical illegality of circumvention.

A seasoned computer user might even run into a case of accidentally circumventing copy protection, thus commuting a violation of DMCA, simply because the “copy protection”, although existent in the eye of the law isn’t even a slight hurdle.

Copy protection isn’t primarily a way to protect data but a convenient way to slap a “protected” label on it that prevents users from making the most out of their purchases. The fact that every subsequent version of HDCP got broken so far demonstrates that the industry isn’t learning. Instead of deeming the idea of copy protection obsolete as history has repeatedly shown that it doesn’t work and only forces consumers to continuously upgrade their software and hardware to meet the latest copy protection standards, it’s being regarded as a force of nature. Unfortunately, they’re saying, our copy protection got broken. Unfortunately, you’re going to have to buy a new TV or computer that supports the latest standards.

Excellent! (Imagine Mr. Burns from The Simpsons rubbing his hands in exhilaration.) Even if the copy protection has proven to not work, people still have to follow the rules of it. Even better: because the copy protection doesn’t work, we can sell new electronics that are capable of playing the “new” content with the “new” copy protection.

This leads to situations where 1-2 year old projectors couldn’t be used for watching high-definition blu-ray movies because they lacked support for the HDCP standard. Even in the age of 4K, people have to buy new computers, monitors or AV receivers for playing 4K streaming video (even though their old ones might be perfectly 4k capable). The whole chain of image signals needs to support the standard and if one link isn’t up to HDCP 2.2 (or whatever the latest greatest is), the entire thing needs to be replaced.

Marketing campaigns make consumers think that their devices are now “HD ready”, even though they technically have been all along. (“HD Ready” was a european industry campaign) Years before HDCP, there were displays that supported “HD” resolutions, but consumers are told that those devices aren’t “ready” because they don’t support the (broken) copy protection standards. The same thing repeated with 4k video and it will likely go on. On a side note, I have a few 4K monitors that cannot be used to play back ultra most HD content because of a lack of HDCP 2+ support. In theory, the panels are good and there are ways to “upgrade” the monitors to the latest standards”, but I can’t.

Essentially, upgrading your old device to work with the new content or making your old content work with your new device is illegal.

The interesting side effect to this is that, since the copy protection has been broken anyway, consumers that have incompatible devices will also be more likely to play unlicensed videos. If a streaming video service doesn’t allow them to play 4K content on their computer, even if they pay for it, they might as well get that content somewhere else. This leads to a situation where the “copy protection” rules aren’t really good for the content owners in the first place.

I would like to move away from digital media content for now, because this isn’t really about videos. It’s about the development that it becomes common practice to use copyright protection as a measure to not only prevent people from “stealing” your products but to get them to buy more of them.

Because software and digital “things” have this special standing in copyright law, conveniently exploited in the home entertainment industry, other industries have caught up.

The idea that, in the case of software, a product sold to a customer isn’t actually owned by that customer but “licensed” to them has caught traction far beyond DVDs and streaming video.

“Tamper protection”: DRM prevents repairs, backups and modifications.

One might think that, say, if a farmer buys a tractor, they own it and can do whatever they want with it. They can tow farming equipment, go to drag races or, if something breaks, repair it. Unless, well, they can’t.

Tractor manufacturers can’t directly tell their customers what to do with their product. But they would really like to, since they can charge money for repairs and service that otherwise would go to independent repair shops. They would also like their customers to only buy OEM replacement parts, but applicable ruling states that that would be anticompetitive.

But with DRM, their dreams have come true!

By simply considering the software that is part of the product “licensed” instead of owned by the customer, the manufacturer could have more control over who repairs their tractors or what replacement parts are used. If software is needed to “calibrate” new parts and this software is copyright-protected, this would essentially lock out third parties from making repairs to those tractors. There’s a history of Farmers hacking their tractors in violation of DMCA to exercise their right to repair.

There’s a beautiful article on wired.com here that further explores this topic.

Tractors are niche market and one might consider this a business-to-business thing. But car manufacturers have been starting to do the same thing. Car parts get increasingly complex and even simple parts that used to be merely mechanical or electric now consist, in part, of software. This means that a car manufacturer, even though they have to allow third party companies to make replacement parts, can sue aftermarket car part companies for reverse-engineering their software when making replacement parts or diagnostics tools.

That’s the current reality, and it is absolute nonsense. In order to create a mechanical replacement part, say, a car headlight replacement, one has to naturally “reverse-engineer” the OEM product. They would have to take measurements, look at the voltages and screw locations that hold it in place. The Idea that the same thing shouldn’t be legal for software because software is an arcane thing that needs special copyright treatment is absurd, but that’s exactly what’s happening, with more and more products becoming “mobile computing devices” in the sense of the DMCA.

Just like the “copy protection” we discussed earlier, “tamper protection” is a common reason for this. It’s certainly understandable, why a consumer electronics company with a reputation of keeping user’s data secure would implement measures to prevent hardware tampering. While system-integrity checks that could prevent unauthorized tampering are certainly welcome, it’s up to each company to decide if they want to use it to the advantage of their users or against them. A “security by obscurity” system where the key generation algorithm for spare parts would be proprietary is a different story.

Let me go back to home videos, sold on discs. These discs are designed to last for a few years. In theory, that’s a very long time, but all they really need to be designed for is, depending on the country they’re sold in, the span of mandatory consumer warranties (which is usually a few months to a couple of years). I’ve started a large HD-DVD and blu-ray collection over 10 years ago and the oldest of those discs just stopped working in the last couple of years, forcing me to buy the same movies again. Due to their copy protection, I wasn’t allowed to make a backup copy. Since it is understood that the discs will degrade over time, it would be reasonable to assume that I can do the appropriate maintenance on my purchase, making backups. However, the opposite is true: I buy a product with no warranty (although some companies give you replacement discs for free), but am not allowed to do the required maintenance to not need a warranty in the first place. Isn’t it absurd?

It’s as if the “traditional” planned obsolescence wouldn’t be enough: instead of giving consumers no hope for a product to last longer than a certain period of time, we’re now also limiting their ability to do something about it and make their product last longer.

Soon, more and more products will contain DRM measures to make sure we use the products according to the specifications of the manufacturer, including where and for how long we can use them.

Some users also rely on modification of products to their needs. Handicapped users have their cars retrofitted with after-market controls and wheelchair ramps. If the manufacturer could “integrity check” the entire vehicle, that would lead to such modifications only being available if the manufacturer’s decides to offer those features.

DRM platforms enable companies to arbitrarily modify and shut down your products

Products should last longer than the company that makes them. But with DRM, there’s a perfect way for companies to prevent you from using your product as they please.

Let’s look at digital media like video games. It used to be that one would buy a game from a store, copy the data to their computer and start playing (or even play directly from a floppy disk). On platforms like gog.com users can still buy DRM-free games to download to their computers, but big parts of the game world are all DRMed. Large parts of video game revenue streams through platforms that essentially say that, in the event they decide to do so, they could revoke as you’re merely a “subscriber” to their services (even though you technically buy a indefinite license to their game for a one-time fee). In this case, it would depend on the company’s goodwill to get your money back or a DRM-free version of the products you’ve purchased.

Digital content distribution platforms often also force users to update to the latest version and check with the server to make sure that the user complies with their policies. This means that a customer has no choice but to accept any change that is made to the product they’ve purchased. There are cases of, for example, songs being removed from video games years after their release. The background is that, due to the age of the game, the music licenses expired, but technically, if a user purchases a product, they should own it. By saying that even when purchasing the product for a one-time fee, it’s essentially only licensed “as is” by the customer, the seller can do whatever they want with the product, including removing features or shutting the service down completely. The fact some companies do that do their customers is crazy. The fact that this is legal is insane.

There’s absolutely no need for “subscriber agreements” of any sort, although corporate lawyers and lobbyists will likely tell you otherwise. Those agreements are a, unfortunately completely legal, vehicle for planned obsolescence.

Music licensing, for example, has been working for decades in a way that a customer would buy the record and could listen to it indefinitely. If they bought a video game with licensed music, they could play it forever, even if the license for the game company to publish the game with the music already expired.

A game purchased on-line would be no different from that, where you could download the version with the music, create backups of it and play (and listen) to your heart’s consent, even if the download isn’t available anymore due to licensing restrictions.

But with a dependency to DRM servers, you don’t have that option. In order for you to use the product you apparently purchased, you (or your devices) need to talk to DRM servers and will obey to their rule, change your product they way they want and shut it down on their command if they decide to revoke their license which they could do at “any time for any reason or no reason”.

This whole thing becomes particularly ridiculous when we look into the internet of things where actual, physical devices would turn into junk when a company decides to pull the plug from their DRM servers. If you can’t us a certain feature in a video game or can’t activate the software you purchased in a store, because the DRM servers have been shut down, the environmental impact is negligible. But if we consider hardware, it’s a different story as the old, obsolete devices just go into the trash if the law says that it’s basically illegal to attempt to re-activate them, especially if (DRM) measures are in-place that track users and their attempts to do so.

What starts in software, will, in the future, roll out into consumer devices and the internet of things. There are cases where companies, after an acquisition of another company, shut down the “services” of the companies they’ve purchased. This is even worse than the worst nightmares of consumer rights activists: You buy your competitor and not only shut down their future sales and gain their assets, but you instantly make the existing products in consumer’s homes obsolete so they have to buy your new stuff. As this article puts it, “The Internet of Thing will be an internet of obsolete junk”.

conclusion

In a few years, there will be more electronic trash, corporations will be able to shut down our cars, refrigerators and toothbrushes or install mandatory, annoying adware that bullies us into buying new products.

What can we do about that?

One could hope for markets to self-regulate. If these products are so terrible, why do coustomers buy them? Why do we buy copy-protected DVDs and tamper-protected tractors?

Here’s the problem with that:

I believe, market self-regulation is only a short-term power. In the long term, considering product ownership over years and decades, who knows what will happen to your products? A product might be obsoleted after a few years and when you make your purchasing decision, there’s no way for you to tell if you.The decisions to “support” products (or not) will no longer be made by people but algorithms that compute the perfect balance between customer outrage and new sales.

Corporations will always do what they can to maximize their profits within the legal boundaries. This is how capitalism works and you can’t blame a manger of a corporation to look at the data and decide that shutting down a 10 million old devices will lead to one million new sales. They would say, if you they can’t do this, their profits would dwindle. They would say, if they would sell DRM-free movies, everyone would just publish unlicensed copies.

But under copyright law, there would still be regulations against that regardless!

In the end, if the same regulations apply to everyone, where’s the competitive harm with giving consumers rights to the product they purchased? Even with good intentions, a company’s DRM servers might shut down when they go out of business.

The problem is that activists in the sector are often disregarded as naïve hippie-communist-pirate-kids that believe everything should be free and owned by everyone.

But that’s not true. You can still respect an owner’s right to their “copy” while appreciating intellectual property rights. The fact that you could create backup copy of a movie doesn’t mean that you’d be allowed to give this backup to third parties outside of your household. The fact that you can repair your car doesn’t mean that you can reverse-engineer the car for producing unlicensed copies of it. This goes for hardware and software alike and there’s no reason to distinguish between the two. There is no reason to limit customer’s rights in what they can do with their products through technical measures since intellectual property rights already limit user’s rights to market and publish products they don’t have licenses for.

The argument that technical measures could theoretically enforce those laws is valid, but the benefits are little compared to the downsides. Copy protection has proven to not work and was only used as a measure to limit consumer rights (up to the point of planned obsolescence). Every attempt to prove that there’s a better copy protection that will be secure has only led to less consumer rights and more patronizing.

So since it doesn’t even serve its copy- and tamper-protection purpose, even this claim is nullified and the concept of DRM turns into to a remote- or time-switch for planned obsolescence.

When you buy a product, you should be able to do whatever you want with it, except, of course, re-selling its intellectual property as your own.

Here are what I think are crucial updates to the 20 year old legislation that governs intellectual property enforcement and enables planned obsolescence through DRM. Given the technological advancement, I would argue, 20 years is a long time and the regulations need a revision.

  • Consumer’s rights for maintenance on the products they purchased (backups, repairs, updates, indefinite usage) must not me artificially limited through technical measures. Such technical measures should be banned as they’re essentially a form of planned obsolescence. They serve no purpose but to limit the user’s ability to maintain and use their products.
  • It should be legal to provide tools for reverse-engineering purposes and the findings of reverse-engineering. It’s absurd that, while it’s theoretically legal to make backup copies and create spare parts that work with a certain model of car, providing or using tools that do so is potentially not.
  • A company’s assets for maintenance of a product (including source code) have to be confidentially deposited with an independent organization that can make use of the assets to ensure continued functionality and maintenance of the products in case the OEM cannot (or will not) provide continued service. By abandoning the service or device install-base, they state that the product is obsolete, so there’s also no harm in making this available to the public.
  • Communication protocols to and from internet of things devices should be openly specified as part of the product certification process.
  • Software shall be treated no different from any other type of intellectual property like a book or the schematics of a car part in that it cannot be reproduced without the copyright owner’s permission but can be maintained by third parties and technical measures to limit those activities should be outlawed.

Planned obsolescence is not only when you put a time bomb in the computer you’re selling.

Planned obsolescence is when you plan the obsolescence. It doesn’t matter if that’s one or 10 years after sales of the product. It doesn’t matter if the decision to obsolete a product is made before the launch of a product or briefly before it is shut down.

And with DRM, in combination with the arbitrary concept of “software licensing” there’s a powerful weapon at the disposal of corporations to make their planned obsolescence dreams come true.


Comments

Leave a Reply

Your email address will not be published. Required fields are marked *