Access to and use of content

• DRMⁱ systems that are capable of being used in excess of what is necessary to protect copyrightⁱ will not receive the privilege of anti-circumvention protection.

• DRM systems that define social entities such as ‘household’ and ‘families’ in their technology, and that define these entities more narrowly or restrictively than have been defined in local law or custom will not receive the privilege of anti-circumvention protection.

• DRM systems that block the use of assistive technologies employed by disabled people will not receive the privilege of anti-circumvention protection.

Privacy

• DRMs should be certified as compliant with data protection rules or privacy rights by the Data Protection Registrar or privacy enforcement agency before they are introduced onto the market. By building privacy interests into the design of the DRM, privacy rights may be enforced more effectively.

• In particular, DRM systems should not use registration, use data, or other personal information for secondary purposes without first obtaining the individuals' informed and voluntary consent. That is, the individual should be able to use the media without consenting to marketing or other secondary uses of their personal information.

Interoperability

• DRMs that restrict the normal expected usage of that product, such as space and time shifting, should not receive the privilege of anti-circumvention protection.

• DRMs whose licensing and implementation terms preclude the use of Free and Open Source Software (FOSSⁱ) will not receive the privilege of anti-circumvention protection.

Transparency

• DRM systems that are ‘updated’ without a user’s consent will not receive the privilege of anti-circumvention protection.

• All equipment containing DRMs must be clearly labelled showing what uses are allowed and what equipment it will or will not work on. DRM systems that are marketed without adequate disclosure of restrictions will not receive the privilege of anti circumvention protection.

Security

• DRM softwareⁱ should not hamper or limit the use of software protection on consumer computers. DRMs should not bring new vulnerabilities into consumers computing equipment and such systems must not interfere with consumers’ ability to set and retain their own polices and levels of security for their own machines.

Anti-competitive behaviour

• The potential anti-competitive effects of DRMs should be reviewed. In particular, a competition investigation should be undertaken into the licensing terms for DRM technology and the effect on competitors and complementary producers.

Redress

• Consumers must have clearly defined and enforceable consumer rights that cannot be overridden by contract terms, DRM systems or other technological measures. They should not have to rely, as now, on the restraint or goodwill of the rights holders or, as in Europe, on the whims of each Member State as to which consumer exemption they will allow.

Among the consumer rights that should be clearly expressed:

• Right to private copy

• Right to fair commercial practices

• Right to be informed and refunded for faulty products

• Right to privacy and data protection.

• Right to free speech

A simple and speedy alternative dispute resolution system should be established for cross border DRM disputes so consumers do not have to rely on costly litigation for low value disputes, whilst retaining the right to use court action as a last resort.

Source: TACDⁱ Resolution on Digital Rights Management www.tacd.org/docs/?id=275