• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
Lift Asia09 Morin
 

Lift Asia09 Morin

on

  • 732 views

DRM : From Dydtopia to (serious) fun ? Talk given at Lift Asia 09 in Jeju, South Korea, Sept 16, 2009.

DRM : From Dydtopia to (serious) fun ? Talk given at Lift Asia 09 in Jeju, South Korea, Sept 16, 2009.
http://liftconference.com/lift-asia-09

Statistics

Views

Total Views
732
Views on SlideShare
732
Embed Views
0

Actions

Likes
0
Downloads
0
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    Lift Asia09 Morin Lift Asia09 Morin Presentation Transcript

    • Lift Asia 09 Jeju, Korea Jean-Henry Morin University of Geneva – CUI Dept. of Information Systems Jean-Henry.Morin@unige.ch http://jean-henry.com/ Lift Asia, Sept 16-17, 2009
    • New Media Warrants New Thinking © Chappatte in "Le Temps" (Geneva), Jan 21, 2006 J.-H. Morin
    • How did we get here… … a dystopian scenario ? http://www.flickr.com/search/?q=DRM J.-H. Morin
    • Remix et © Universal Music VS dancing toddler Mannie Garcia, 2006 VS Shepard Fairey 4 J.-H. Morin
    • Where did we go wrong? •  Where did User Experience go ? •  Where did Superdistribution go ? •  Where are the innovative Business Models, the Real-time Marketers, etc. ? •  Did DRM curb those that it meant ? •  Wasn’t DRM supposed to be an enabler ? J.-H. Morin
    • Can we finally make DRM “FUN” (i.e., User Friendly ;-) ? •  Assuming : •  DRM is likely to stay and be needed (managed content) •  Absolute security is neither achievable nor desirable •  Given the right User Experience and Business Models most users smoothly comply (e.g., iTunes) •  Most users aren’t criminals •  We needed to take a step back to : •  Critically re-think DRM •  Reconsider the debate outside the either/or extremes of total vs. no security •  Re-design DRM from ground up 6 J.-H. Morin
    • Rethinking & Redesigning DRM •  Acknowledge the Central role of the User and User Experience •  Reinstate Users in their roles & rights •  Presumption of innocence & the burden of proof •  Fundamental guiding principle to Rethink and Redesign DRM : Feltens’ “Copyright Balance” principle (Felten, 2005) “Since lawful use, including fair use, of copyrighted works is in the public interest, a user wishing to make lawful use of copyrighted material should not be prevented from doing so by any DRM system.” •  Claim and Proposition : •  Put the trust back into the hands of the users •  Reverse the distrust assumption •  Requires a major paradigm shift 7 J.-H. Morin
    • Rethinking & Redesigning DRM (cont.) •  Exception Management in DRM environments, mixing water with fire ? Not necessarily ! •  Reversing the distrust assumption puts the user “in charge”, facing his responsibilities •  Allow users to make Exception Claims, granting them Short Lived Licenses based on some form of logging and monitoring •  Use Credentials as tokens for logging to detect and monitor abuses •  Credential are Revocable in order to deal with abuse and misuse situations •  Mutually acknowledged need for managed content while allowing all actors a smooth usability experience (Morin and Pawlak, 2007, 2008); (Morin 2008, 2009) 8 J.-H. Morin
    • Exception Management in DRM Environments (Morin and Pawlak, 2007, 2008); (Morin 2008, 2009) •  What is an Exception ? •  A claim made by a user wishing to rightfully access / use content •  Based on « real world » credential patterns •  Delegation model based on chained authorities •  Credential authorities closer to the users •  Locally managed and held by users (credential store) •  Short lived or fixed life time •  Revocable •  Late binding (enforcement point) •  Model is auditable for abuse and includes revocation capabilities •  Burden of proof on the party having a justifiable reason to claim abuse (presumption of innocence) •  Monitoring in near real time of security policies 9 J.-H. Morin
    • A “Serious” problem in Social Networks and Services Socially-Responsible Management of Personal Information •  Personal Information •  Different from Personally Identifying Information (PII) •  Subject to legal frameworks in most countries •  Increasingly shared on social networks •  Blurring boundaries between private and public life Legitimate concern (i.e., rights) over our information in terms of lifetime, usage purposes, access, etc. 10 J.-H. Morin
    • Problems and Issues •  Publish / share once, publish / share forever • Indexing and searching •  Who “owns” and manages YOUR information (SLAs) ? Raging debates. • Who’s information is it ? • Do you retain control ? •  Semantic searching capabilities 11 J.-H. Morin
    • The Right to Forget •  Right to Forget : fundamental human right threatened by the digital nature of information (i.e., searchable) •  Traditional Media (i.e., non digital) “Memory” erodes over time • Labor and cost intensive •  Digital Media, requires explicit human intervention to “make forget” information (Rouvroy, 2007) 12 J.-H. Morin
    • Anonymity and Privacy •  Anonymity and Privacy are fundamental to social networking • It’s not a “bug”, it’s a feature ! • It’s not schizophrenia ! •  Multiple legitimate personas (e.g., work, family, communities, etc.) • How do we deal with it in a socially- responsible and ethically sustainable way ? •  Cyber bullying (e.g., Akple in Korea) Requires traceability and accountability of information (i.e., managed information) 13 J.-H. Morin
    • Key Question •  Is Privacy and personal information threatened by current social networking services ? •  We contend there is a need for Managed Personal Information • Socially-responsible and sustainable How can we retain an acceptable (by all) level of control over our personal information ? 14 J.-H. Morin
    • Proposition (Morin, 2009) •  Personal Information should be augmented with a layer accounting for its management •  Alongside other metadata increasingly used in addressing the semantic dimension of our electronic services •  We argue DRM combined with Exception Management may be a promising path towards : • Socially-Responsible management of personal information in social networks and services 15 J.-H. Morin
    • Conclusion •  Can DRM “go green” before we all “go dark” ? •  If so, we might be able to address some “Serious” societal issues while having “Fun” along the way ! 16 J.-H. Morin
    • Security is bypassed not attacked Inspired by Adi Shamir, Turing Award lecture, 2002 Thank you Jean-Henry Morin University of Geneva – CUI Dept. of Information Systems Jean-Henry.Morin@unige.ch http://jean-henry.com/ 17 J.-H. Morin