On Tue, Apr 13, 2004 at 11:05:10PM +0300, Jani Nurminen wrote: > > But what content could the consumer-become-content-provider, the > ordinary person, you or me (let's call this actor the "user"), produce? > What could be interesting and rare for the corporation but found in > abundance from the user? One answer is personal data. > > Upon request by some corporation, the user decides to accept the > request. The user creates a DRM-protected file containing the personal > data the user wishes to reveal. When proper DRM technology is being used > (the same technology used to protect e.g. movies), the user can be sure > that the corporation is not able to > * use the personal data after the license period (e.g. 2 hours) has > expired > * share the personal data with third party companies without > permission > * do other non-authorized nasty stuff with the personal data
DRM only works because the supplier of the content has itself certified the software used to process the content, or trusts the entity that has certified the software. Who would you trust to certify the software that some corporation will use to process your personal data? Another issue is that DRM works best to protect massive content. For example, whether you are HIV-positive is a single bit. How would you prevent me from capturing that bit from my screen with a camera? If the DRM prevents any association of your data with your identity, the data will not be worth much to me. Also, even assuming the DRM works, what prevents the user from presenting false data? The only data I can't lie about is what I generate as a side-effect of something else, for example a click-stream. But that's already available reliably to the server(s) now, without DRM. -- Barney Wolff http://www.databus.com/bwresume.pdf I'm available by contract or FT, in the NYC metro area or via the 'Net. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]