Digital Rights Management is a set of technologies to enable owners of information to control the use of that information in the digital environment. While the technologies are capable of being used to protect and mediate any kind of information, they have been primarily developed with a view to the protection of intellectual property, such as published text, recorded music, movies and games. These technologies are the basis of most digital content offerings today. One critical technology – amongst many others – is a means to express the rules under which information can be used, either by the legitimate owner’s business partners (aggregators, distributors, retailers etc) or by end user consumers.

Examples of such languages are plentiful, ranging from very simple (sometimes even binary) expressions to govern access to content in very specific application domains, e.g. the "forward lock" mechanism in the OMA specification 1.0 (Open Mobile Alliance 2004), to complex and generic XML-based languages, e.g. MPEG REL (ISO/IEC 2004) or the Rights Expression Language in OMA’s 2.0 standard.

Uni-directional use of RELs
Currently, these languages are being deployed by content providers to express their business rules with respect to the content made available. These rules – often called "Rights Expressions" – are then associated with the content itself. When a user attempts to interact with the content the rules are then interpreted and enforced by a Digital Rights Management system, effectively constraining the end user’s freedom of interaction: The end consumer has to agree to the rules if he wants to access the content.

Examples of such content services are plentiful, ranging from Apple’s iTunes store via RealNetworks’ services to MovieLink and Overdrive’s services to support eBook library lending. Many of these services currently use their own proprietary rights languages. For instance Apple’s iTunes – the leading commercial online music distributor today – using its own rules language, allows users to play the tracks on their PC or Apple iPod portable device but does not allow the content to be transferred to other users’ devices.

While rights expressions are intended to enable information owners to set the rules under which content can be used, the two leading languages being deployed today (MPEG REL and OMA REL/ODRL)can also incorporate conditions, by which the creators of rights expressions can impose obligations on the user. These obligations may involve users, including end user consumers, in many different types of activity, such as providing the content provider with information about the use of the content, so revealing patterns of usage, demographics and other consumer information. In the currently envisaged deployment of rights languages, users have to agree to such obligations in order to access content.

Bi-directional use of RELs
However, it is possible to imagine a different scenario, in which the technical capabilities of Rights Expression Languages become available to both the owners of information and to its consumers so that the latter can also exercise control over their own information, such as the attributes of their identity or their commercial preferences. As such data is, from the computers’ perspective, no different than the content data itself, it would be possible to govern its use using a Rights Expression Language. The terms "symmetrical Rights Expression Languages" (Bechtold 2003, Bechtold 2004) or "bi-directional Rights Expression Language" have been coined for this concept; we prefer the latter term as, for all practical uses, those rules set by the content owner and those set by the consumer will differ significantly, thus not creating real symmetry.

While DRM technology providers have long since recognised that digital rights management systems are capable of being used in such a scenario, commercial systems to actually implement this are still to emerge.

From couch potato to active consumer
Envisage a scenario where a user retrieves a piece of content accompanied by a set of rules defined by the content provider. Using a rights language, it would be possible for the consumer to protect her own personal data, which could then be used to bargain with the content owner. In this scenario, the consumer wants access to the content and the content owner wants access to the consumer’s data, which has a commercial value in terms of purchase patterns etc. So instead of just accepting the content owner’s set of rules, the user starts a negotiation and sends back a rule set incorporating the terms under which he or see is prepared to do business. For example, she may want to have the ability to burn two CDs instead of one and pay €1.50 more for this benefit; or she want not wish to provide any usage data.

After receiving the counter offer from the customer, the content owner can decide whether to accept the counter offer or to continue the negotiation. In either case he would send an updated rule back to his customer, who can also either accept or continue until an agreement has been reached or either side gives up.

In such a scenario, the customer would be enabled to become a more active participant in the content value chain and would move away from being the couch potato he is – or rather has to be – today. In total, the online content world would look more like today’s physical world, where people have the ability to negotiate.

Consequences of such a paradigm shift
Such a paradigm shift will, however, not be without substantial consequences for both technology deployment and business processes.

Technical consequences lie in two areas. Firstly today’s Rights Expression Languages are not deployed with a view to bi-directional use (Bechtold 2003, Bechtold 2004). They can, however, be extended to cater for such needs, which would require the current uni-directional REL standards – notably by MPEG and OMA – to be extended. Secondly, the negotiation mentioned above will require some user interface tools to enable negotiation to take place, and to make the resulting rule sets readable and accessible to humans. But more importantly – mainly on the content providers’ side – some automation is required. This, in turn, calls for "intelligent agents" that can read and interpret and compare REL rule sets and negotiate on behalf of humans.

Secondly, there are business process questions that arise from using bi-directional Rights Expression Languages. Not only would the use of bi-directional Rights Expression Languages enable negotiations with consumers – which may tend to make content commerce increasingly complex and expensive, making it difficult to analyse in terms of cost/benefit – but questions of trust also emerge. When machines act on behalf of humans, there is a question about the extent to which they can be trusted (by both the party engaging the computerised agent and his potential business partner). And there is the additional question of what happens if there are known bugs in certain agents and some malicious party uses these flaws for their advantage – unknown to and unintended by their partners/victims?

Thirdly, there are questions relating to copyright legislation which is always implemented country by country. This would mean that the use of a bi-directional REL would require any negotiation between an owner and a user about rights be conducted on a strictly national basis. For instance, if a user were negotiating about copyright exceptions, which are defined differently in civil code and common law countries, the ability to negotiate would have to be strictly confined to a specific jurisdiction.

Bottom line
Bi-directional Rights Expression Languages have been discussed for as long as Digital Rights Management systems have been in use. While today only uni-directional Rights Expression Languages either in use or are planned for commercial use, the introduction of a bi-directional language could give rise to new consumer behaviour. It has the potential to move the user from being a couch potato to become an active consumer. But before that can happen there are still many problems that would need to be addressed, ranging from purely technical issues to questions of cost/benefit, trust and even IP licensing for the use of technology in consumer applications.

  • Bechtold, Stefan (2003): The present and future of digital rights management – Musings on emerging legal problems in: Eberhard Becker, Willms Buhse, Dirk Günnewig, Niels Rump (Eds.), Digital Rights Management – Technological, economic, legal and political aspects, Springer, Berlin 2003, pp. 597-654
  • Bechtold, Stefan (2004): Value-centered design of Digital Rights Management - Perspectives on an emerging scholarship. INDICARE Monitor Vol. 1, No 4, 24 September 2004
  • ISO/IEC 21000-5:2004. Information Technology – Multimedia Framework (MPEG-21) – Part 5: Rights Expression Language (REL)
  • Open Mobile Alliance (2004): OMA Rights Expression Language. Approved Version 1.0. Document OMA-Download-DRMREL-V1_0-20040615-A. June 2004

About the Authors
Niels Rump has worked in the area of DRM since the mid 1990s. He was the main developer of one of the earlier commercial DRM systems (Fraunhofer IIS' Multimedia Protection Protocol, MMP). During his time at Fraunhofer IIS, he started working in several DRM-related standards bodies including MPEG, AES, and SDMI. He has also worked for InterTrust Technologies before joining Rightscom in 2001 where he concentrates on the technical aspects of DRM applications and technologies. As a Senior Consultant he is involved in the development of identification, metadata and messaging systems within, amongst others, the Music Industry Integrated Identifier Project (MI3P). Niels is a regular speaker at conferences on DRM and has published several papers on the topic. He holds a degree in computer science from Erlangen University, Germany.

Chris Barlas has more than twenty years experience of rights management. In the mid 1990s, he led the European Commission supported Imprimatur project. Subsequently he was involved in other successful European Commission projects including which delivered the widely adopted analysis of metadata interoperability. He has also worked as a writer and producer in television and radio. As a Senior Consultant at Rightscom, he has advised a leading software company on its eBooks strategy, a major distance learning institution on third party rights management and an international bank on its publishing work flow technology. In the public sector, he edited the CEN/ISSS DRM study and co-authored WIPO's recent report on DRM. Chris has been active in international standards development. At MPEG, he co-edited the MPEG-21 Rights Data Dictionary, published in April 2004 and took an early leadership role on standards at the Open eBook Forum. At Rightscom he recently assumed responsibility for developing the market for Ontologyx.

Status: first posted 23/09/04; included in INDICARE Monitor Vol. 1, No 4, 24 September 2004; licensed under Creative Commons