privacy <> digital rights management

Donald Eastlake 3rd dee3 at torque.pothole.com
Wed Jun 26 09:51:58 EDT 2002 

On Tue, 25 Jun 2002, John S. Denker wrote:

> Date: Tue, 25 Jun 2002 22:21:36 -0400
> From: John S. Denker <jsd at monmouth.com>
> To: Dan Geer <geer at TheWorld.com>, cryptography at wasabisystems.com,
>      cypherpunks at lne.com, Ross.Anderson at cl.cam.ac.uk
> Subject: Re: privacy <> digital rights management
>
> Dan Geer wrote:
> >
> > Over the last six months, I'd discovered that Carl Ellison (Intel),
> > Joan Feigenbaum (Yale) and I agreed on at least one thing: that the
> > problem statements for "privacy" and for "digital rights management"
> > were identical,
> ...
> > ... YMMV.
>
> Uhhh, my mileage varies rather considerably.  Perhaps we are using
> wildly divergent notions of "privacy" -- or wildly divergent
> notions of "identical".
>
> DRM has to do mainly with protecting certain rights to _published_
> material.  Private material is not "identical" with published
> material -- it is more opposite than identical.

The spectrum from 2 people knowing something to 2 billion knowing
something is pretty smooth and continuous. Both DRM and privacy have to
do with controlling material after you have released it to someone who
might wish to pass it on further against your wishes. There is little
*tehcnical* difference between your doctors records being passed on to
assorted insurance companies, your boss, and/or tabloid newspapers and
the latest Disney movies being passed on from a country where it has
been released to people/theaters in a country where it has not been
released.

> Private material is, according to the usual definitions, in the hands
> of persons who have a common interest in keeping the information
> private and restricted.

The only case where all holders of information always have a common
interest is where the number of holder is one.

>                          Published material, in contrast, is in the
> hands of persons who have no interest in keeping it private, and
> indeed commonly have an interest in defeating whatever restrictions
> are in place.

"Privacy", according to the usual definitions, involve controlling the
spread of information by persons autorized to have it. Contrast with
secrecy which primarily has to do with stopping the spread of
information through the actions of those not authorized to have it.

> We have thousands of years of experience with military crypto, where
> the parties at both ends of the conversation are highly motivated to
> restrict the flow of private information.  The current state of this
> technology is very robust.

That's secrecy technology, not privacy technology.

> Ending about 20 years ago we had a 500-year era where it was not
> practical for anyone except an established publisher to infringe
> copyrights in a big way.  During this era, Rights Management had
> essentially nothing to do with crypto;  it mainly had to do with
> the economics of printing presses and radio transmitters, supplemented
> by copyright laws that were more-or-less enforceable.  This era
> was killed by analog means (widespread photocopy machines) and
> the corpse was pulverized by digital means (widespread computers
> and networking).

Sure, you can't have either privacy or DRM with plain paper texts or
plaintext digital data on untrusted hardware. That's pretty obvious. A
xerographic copier works just as well on a "private" handwritten letter
as it does on a mass produced printed page. And if you want to argue
that total privacy and DRM are unobtainable because anyone knowing
something in their mind can trasnmit it in plain text, sure. But that
does not mean that, at least in principal, it is impossible to achieve
"technical privacy"  thorugh crypto and trusted hardware where the
information can not be improperly passed on by an authorized holder
other than via their mind.

> I repeat:  The main features of our experience with Privacy Management
> are disjoint from the main features of our experience with Publishers'
> Rights Management.  They are about as different as different can be.
> The record is replete with spectacular failures attributable to
> non-understanding of the difference.

You are confusing privacy with secrecy and are confusing
accidental/historic differences between privacy and DRM with their
essential techncial identity.

Donald


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com

More information about the cryptography mailing list