image E-books sales could get a big boost if the industry ditched Digital Rights Management, a literary and sales toxin.

Wickedly, DRM  links future access to a book to the whims and survival of the DRM provider.

But what to replace DRM with?

The best scenario for e-book-lovers, as I see it, would be nothing. But many publishers won’t go for that, and what about the tricky issue of library books made available via permanent checkout quotas?

The Social DRM compromise

So, as a compromise, I’ve been talking up the concept of Social DRM—putting customer-specific information in books to discourage the posting of them on P2P networks.

image The idea, named by Adobe’s Bill McCoy and based on the experiences of The Pragmatic Programmers, has already intrigued some smart publishers. People “might be a little less eager” to share a book with “5,000 of their closest friends” if “it had their name, address and ‘for a good time call….’ plastered all over it,” joked Deena Fisher of Drollerie Press in Cleveland. 

What to include beyond “For a good time call…”?

Humor aside, how far can publishers go in inserting information that would make people less likely to spread copyrighted books around without fair compensation to writers and publishers?

And what about the related issue of perhaps using some kind of digital water marking or something roughly equivalent to make unauthorized copies traceable?

image Chris Webb, an open-minded Wiley editor, who dislikes DRM-style lockdowns but wants to carefully weigh alternatives, has broached the privacy question in a thoughtful post headlined Social DRM: How much is too much information? 

So has Garson O’Toole, a much-valued TeleBlog contributor, in our comment area.

Privacy-respectful possibilities: The nuts and bolts 

In response to the above and other concerns, here is one plans to consider for Social DRM and related marking:

1. Use “Customized for…” with the user’s name and e-mail address. This simple appeal to customers’ sense of fair play is the best anti-piracy deterrent of all. If nothing else, it will help maintain the division between copyrighted books and those truly in the public domain.

2. Encrypt order or customer number, library-account or credit card information or mixes of them; and don’t require “unlocking” the way eReader does. Less secure for publishers? Yes. But any sales lost as a result of this will be made up for in ease of use, and greater appeal to customers. With the order or customer number approach used instead of the direct credit card one, the chance of identify theft based on decryption of the actual files would be zero. Yes, users would still need to trust the security of the e-commerce servers directly or indirectly involved. But that is a problem for card-related transactions of any kind. Furthermore, in the future, to reduce the problems from persistent databases, I can envision the use of anonymous digital cash, with full concealment of identities. But this is a topic for another post.

3. Don’t alter the author’s text to create the customer-specific mark via patterns—no, Garson, most writers wouldn’t go along with that, especially those of fiction—but instead reproduce the encrypted numbers simply as plain text or as patterns hidden within cover images. What’s more, in books where this wouldn’t be a distraction, components of the numbers could appear in different parts of the books, varying from customer to customer. Tinkering with the numbers would make the books more likely to be picked up by customized searches.

4. E-mail retrieval or a password-based system could be used by customers who lost books and wanted to download replacement copies from stores. Yes, that would create some vendor-dependence. But people could avoid the problem by making backups—without any unlocking needed in the future, even for use on new devices.

Meanwhile I would point out that the eReader system is already using encrypted credit card numbers to discourage the sharing of material. Have we heard of mass compromises of the card numbers or other information in eReader books? Or zillions and zillions of works in this format ending up on P2P networks?

Please—more focus on convenience

Alas, one big disadvantage of eReader, among others, is that it’s a proprietary approach—beyond which you need to have your credit card number handy to unlock redownloaded books (at least for new devices and maybe for others–someone can update me). That adds security, but also inconvenience. I’d like to see a little more emphasis on simplicity for the user even though eReader’s system is far, far preferable to, say, Mobipocket’s.

On top of, just remember that no system, eReader’s included, or even Draconian approaches like Mobipocket’s or Microsoft’s, is entirely “safe.”

Microsoft Reader: An easy crack despite the Draconian approach

Ironically, Microsoft Reader is today less secure than eReader—because of the existence of popular crackware, which honest people wouldn’t feel compelled to use if the software were more convenience and used a standard format like ePub, without DRM incompatibilities stymieing them. Isn’t Microsoft saying something when it has not even bothered to plug up Reader’s holes recently? Why? Because a fix doesn’t make sense to it financially? So much for this traditional protection, at least in practical terms. The only way for flawless pirate-proofing to happen is to avoid publishing books, even the paper variety, which can be scanned or even typed in the old-fashioned way.

No, the Social DRM approach won’t be perfect, either, but it would be endlessly more convenient for users than traditional DRM. This system would help them truly own their books forever, take the e-medium more seriously as literature, and happily send more money in the direction of content providers.

A challenge from a Real McCoy at Adobe

How about it, publishers and tech companies? In my opinion, Bill McCoy laid out the possibilities well in the conclusion of his pro-SDRM post made on Feb. 6, 2007 and inspired by Steve Jobs’ negative feelings toward DRM.

Bill, who, yes, is a son of the McCoy clan, noted that Adobe would offer DRM for publishers wanting it. But he laudably added that he “would like nothing more than to have DRM technology just fade away. After all the main challenge we have in digital publishing is to get it adopted by mainstream consumers. And the main challenge 98% of book authors and publishers have is to get people to be aware of their books, not to prevent piracy. So my challenge to print publishers and authors: why not support ‘social DRM,’ rather than heavyweight DRM? If that’s a direction you are willing to go, Adobe will back you up, 1000%.”

I’d love to read similar sentiments from Mi executives at Microsoft and Mobi, too, and even the Kindle side of Amazon, which just happens to sell nonDRMed music.  Remember what the e-books industry’s goal should be here—not to further any DRM ideology, but rather to help readers enjoy their purchases in ways that make money for writers and publishers. Companies such as Amazon love to toss around terms such as “good customer experience.” Social DRM, applied in a way respectful of privacy, is one way for this to happen. 

Image credit: Casey West.


  1. I am one of the readers who tries to avoid DRM books. If I really really want a book and the DRM copy is the only one available, I might do that. Meanwhile I am reading lots of books that don’t have DRM and I have so far not bothered to give copies to anyone. I have been asked and my response is that the book was so inexpensive that they can afford to buy their own copy. Lots of books out there under six bucks folks, even freebies. I think the success of iTunes is to be able to buy a “legal” copy at a reasonable price. Music companies are not losing money from the P2P people who collect 30,000 songs. The would not have bought them in the first place. I feel the same thing applies to books. Would the author rather have 35% of $5 or all of nothing?

  2. Interesting, thoughtful article David.

    I disagree though with your opening statement that “E-books sales could get a big boost if the industry ditched Digital Rights Management…”.

    DRM, as odious as it is, is not “the thing” that is blocking wider acceptance of ebooks. In my opinion the two main problems are the current hardware (price/sizes/capabilities) offerings and the price and availability of the titles people want to read.

    No doubt the hardware will continue to evolve independently of the availabilty of ebook titles. Ultimately I think we’ll find that hardware devices that are intended solely for reading ebooks just won’t exist.

    The availability of titles I think will be a tougher nut to crack. I don’t believe the mass market is going to accept paying the same price for an ebook (with or without DRM) that they pay for a print book. And if people find that ebooks don’t come with the same ability to be loaned to friends (without repercussions) or sold to a “used ebook store” (there’s an oxymoron yes?) there will be less interest in purchasing those.

    While Social DRM might be a useful approach I see a couple of problems apart from the privacy concerns.

    The primary thought behind the use of Social DRM seems to be that one who “owns” the ebook will be reluctant to share the ebook too widely due to the ability of “the man” to track them down and punish them somehow.

    While I believe most people are honest most of the time not all people are honest all of the time.

    Once you “loan” an ebook to a friend you really have no further control over how that file may continue to be distributed. While the purchaser of an ebook may not have been responsible for releasing it into the wild all it takes is one friend of a friend to put it on a torrent network and then you end up sharing it with your 5,000 closest friends. :)

    What happens then? Will publishers start engaging in the same sort of behavior as the RIAA?

    What if a person’s ebook library is taken from a pc/device that is physically stolen and then shared via the net? What if ones ebook library is stolen via spyware/malware/etc.? How will publishers respond? If they respond as threateningly as the RIAA will that do anything beneficial to the ebook market?

    Currently I can walk into a bookstore, pay cash, and walk out with my book in hand and not have to identify myself. That would have to change under a Social DRM arrangement yes? Is the mass marketplace likely to accept the inability to make an anonymous book purchase (actually that may become a moot point as I wouldn’t be surprised if the Department of Homeland Security eventually succeeds in prohibiting the anonymous purchase of books regardless of format).

    Earlier I mentioned loaning an ebook to a friend. What are likely to be the acceptable limits of distribution via a Social DRM arrangement and who decides?

The TeleRead community values your civil and thoughtful comments. We use a cache, so expect a delay. Problems? E-mail